static gboolean
delete_connection (NMVpnPluginUiInterface *iface,
NMConnection *connection,
GError **error)
{
NMSettingConnection *s_con = NULL;
const char *uuid;
/* Remove any secrets in the keyring associated with this connection's UUID */
s_con = (NMSettingConnection *) nm_connection_get_setting (connection,
NM_TYPE_SETTING_CONNECTION);
if (!s_con) {
g_set_error (error,
L2TP_PLUGIN_UI_ERROR,
L2TP_PLUGIN_UI_ERROR_INVALID_CONNECTION,
"missing 'connection' setting");
return FALSE;
}
uuid = nm_setting_connection_get_uuid (s_con);
keyring_helpers_delete_secret (uuid, NM_L2TP_KEY_PASSWORD);
return TRUE;
}
static void
vpn_secret_iter_cb (const char *key, const char *secret, gpointer user_data)
{
Request *r = user_data;
NMSetting *setting;
const char *service_name, *id;
char *display_name;
if (secret && strlen (secret)) {
setting = nm_connection_get_setting (r->connection, NM_TYPE_SETTING_VPN);
g_assert (setting);
service_name = nm_setting_vpn_get_service_type (NM_SETTING_VPN (setting));
g_assert (service_name);
id = nm_connection_get_id (r->connection);
g_assert (id);
display_name = g_strdup_printf ("VPN %s secret for %s/%s/" NM_SETTING_VPN_SETTING_NAME,
key,
id,
service_name);
save_one_secret (r, setting, key, secret, display_name);
g_free (display_name);
}
}
static NMConnection *
real_get_best_auto_connection (NMModem *modem,
GSList *connections,
char **specific_object)
{
GSList *iter;
for (iter = connections; iter; iter = g_slist_next (iter)) {
NMConnection *connection = NM_CONNECTION (iter->data);
NMSettingConnection *s_con;
s_con = (NMSettingConnection *) nm_connection_get_setting (connection, NM_TYPE_SETTING_CONNECTION);
g_assert (s_con);
if (!nm_setting_connection_get_autoconnect (s_con))
continue;
if (strcmp (nm_setting_connection_get_connection_type (s_con), NM_SETTING_GSM_SETTING_NAME))
continue;
return connection;
}
return NULL;
}
static gboolean
save_secrets (NMVpnPluginUiWidgetInterface *iface,
NMConnection *connection,
GError **error)
{
L2tpPluginUiWidget *self = L2TP_PLUGIN_UI_WIDGET (iface);
L2tpPluginUiWidgetPrivate *priv = L2TP_PLUGIN_UI_WIDGET_GET_PRIVATE (self);
GnomeKeyringResult ret;
NMSettingConnection *s_con;
GtkWidget *widget;
const char *str, *uuid, *id;
s_con = (NMSettingConnection *) nm_connection_get_setting (connection, NM_TYPE_SETTING_CONNECTION);
if (!s_con) {
g_set_error (error,
L2TP_PLUGIN_UI_ERROR,
L2TP_PLUGIN_UI_ERROR_INVALID_CONNECTION,
"missing 'connection' setting");
return FALSE;
}
id = nm_setting_connection_get_id (s_con);
uuid = nm_setting_connection_get_uuid (s_con);
widget = glade_xml_get_widget (priv->xml, "user_password_entry");
g_assert (widget);
str = gtk_entry_get_text (GTK_ENTRY (widget));
if (str && strlen (str)) {
ret = keyring_helpers_save_secret (uuid, id, NULL, NM_L2TP_KEY_PASSWORD, str);
if (ret != GNOME_KEYRING_RESULT_OK)
g_warning ("%s: failed to save user password to keyring.", __func__);
} else
keyring_helpers_delete_secret (uuid, NM_L2TP_KEY_PASSWORD);
return TRUE;
}
static void
fill_connection (EAPMethod *parent, NMConnection *connection)
{
EAPMethodTLS *method = (EAPMethodTLS *) parent;
NMSetting8021xCKFormat format = NM_SETTING_802_1X_CK_FORMAT_UNKNOWN;
NMSetting8021x *s_8021x;
NMSettingConnection *s_con;
GtkWidget *widget;
char *ca_filename, *pk_filename, *cc_filename;
const char *password = NULL;
GError *error = NULL;
s_con = NM_SETTING_CONNECTION (nm_connection_get_setting (connection, NM_TYPE_SETTING_CONNECTION));
g_assert (s_con);
s_8021x = NM_SETTING_802_1X (nm_connection_get_setting (connection, NM_TYPE_SETTING_802_1X));
g_assert (s_8021x);
if (method->phase2)
g_object_set (s_8021x, NM_SETTING_802_1X_PHASE2_AUTH, "tls", NULL);
else
nm_setting_802_1x_add_eap_method (s_8021x, "tls");
widget = glade_xml_get_widget (parent->xml, "eap_tls_identity_entry");
g_assert (widget);
g_object_set (s_8021x, NM_SETTING_802_1X_IDENTITY, gtk_entry_get_text (GTK_ENTRY (widget)), NULL);
/* TLS private key */
widget = glade_xml_get_widget (parent->xml, "eap_tls_private_key_password_entry");
g_assert (widget);
password = gtk_entry_get_text (GTK_ENTRY (widget));
g_assert (password);
widget = glade_xml_get_widget (parent->xml, "eap_tls_private_key_button");
g_assert (widget);
pk_filename = gtk_file_chooser_get_filename (GTK_FILE_CHOOSER (widget));
g_assert (pk_filename);
if (method->phase2) {
if (!nm_setting_802_1x_set_phase2_private_key (s_8021x, pk_filename, password, NM_SETTING_802_1X_CK_SCHEME_PATH, &format, &error)) {
g_warning ("Couldn't read phase2 private key '%s': %s", pk_filename, error ? error->message : "(unknown)");
g_clear_error (&error);
}
} else {
if (!nm_setting_802_1x_set_private_key (s_8021x, pk_filename, password, NM_SETTING_802_1X_CK_SCHEME_PATH, &format, &error)) {
g_warning ("Couldn't read private key '%s': %s", pk_filename, error ? error->message : "(unknown)");
g_clear_error (&error);
}
}
g_free (pk_filename);
/* TLS client certificate */
if (format != NM_SETTING_802_1X_CK_FORMAT_PKCS12) {
/* If the key is pkcs#12 nm_setting_802_1x_set_private_key() already
* set the client certificate for us.
*/
widget = glade_xml_get_widget (parent->xml, "eap_tls_user_cert_button");
g_assert (widget);
cc_filename = gtk_file_chooser_get_filename (GTK_FILE_CHOOSER (widget));
g_assert (cc_filename);
format = NM_SETTING_802_1X_CK_FORMAT_UNKNOWN;
if (method->phase2) {
if (!nm_setting_802_1x_set_phase2_client_cert (s_8021x, cc_filename, NM_SETTING_802_1X_CK_SCHEME_PATH, &format, &error)) {
g_warning ("Couldn't read phase2 client certificate '%s': %s", cc_filename, error ? error->message : "(unknown)");
g_clear_error (&error);
}
} else {
if (!nm_setting_802_1x_set_client_cert (s_8021x, cc_filename, NM_SETTING_802_1X_CK_SCHEME_PATH, &format, &error)) {
g_warning ("Couldn't read client certificate '%s': %s", cc_filename, error ? error->message : "(unknown)");
g_clear_error (&error);
}
}
g_free (cc_filename);
}
/* TLS CA certificate */
widget = glade_xml_get_widget (parent->xml, "eap_tls_ca_cert_button");
g_assert (widget);
ca_filename = gtk_file_chooser_get_filename (GTK_FILE_CHOOSER (widget));
format = NM_SETTING_802_1X_CK_FORMAT_UNKNOWN;
if (method->phase2) {
if (!nm_setting_802_1x_set_phase2_ca_cert (s_8021x, ca_filename, NM_SETTING_802_1X_CK_SCHEME_PATH, &format, &error)) {
g_warning ("Couldn't read phase2 CA certificate '%s': %s", ca_filename, error ? error->message : "(unknown)");
g_clear_error (&error);
}
} else {
if (!nm_setting_802_1x_set_ca_cert (s_8021x, ca_filename, NM_SETTING_802_1X_CK_SCHEME_PATH, &format, &error)) {
g_warning ("Couldn't read CA certificate '%s': %s", ca_filename, error ? error->message : "(unknown)");
g_clear_error (&error);
}
}
nm_gconf_set_ignore_ca_cert (nm_setting_connection_get_uuid (s_con),
method->phase2,
eap_method_get_ignore_ca_cert (parent));
}
static void
fill_connection (EAPMethod *parent, NMConnection *connection)
{
EAPMethodTLS *method = (EAPMethodTLS *) parent;
NMSetting8021xCKType key_type = NM_SETTING_802_1X_CK_TYPE_UNKNOWN;
NMSetting8021x *s_8021x;
GtkWidget *widget;
char *filename, *pk_filename, *cc_filename;
char *password = NULL;
GError *error = NULL;
s_8021x = NM_SETTING_802_1X (nm_connection_get_setting (connection, NM_TYPE_SETTING_802_1X));
g_assert (s_8021x);
if (method->phase2)
g_object_set (s_8021x, NM_SETTING_802_1X_PHASE2_AUTH, "tls", NULL);
else
nm_setting_802_1x_add_eap_method (s_8021x, "tls");
widget = glade_xml_get_widget (parent->xml, "eap_tls_identity_entry");
g_assert (widget);
g_object_set (s_8021x, NM_SETTING_802_1X_IDENTITY, gtk_entry_get_text (GTK_ENTRY (widget)), NULL);
widget = glade_xml_get_widget (parent->xml, "eap_tls_private_key_password_entry");
g_assert (widget);
password = g_strdup (gtk_entry_get_text (GTK_ENTRY (widget)));
if (method->phase2) {
g_object_set_data_full (G_OBJECT (connection),
NMA_PHASE2_PRIVATE_KEY_PASSWORD_TAG,
password,
(GDestroyNotify) free_password);
} else {
g_object_set_data_full (G_OBJECT (connection),
NMA_PRIVATE_KEY_PASSWORD_TAG,
password,
(GDestroyNotify) free_password);
}
/* TLS private key */
widget = glade_xml_get_widget (parent->xml, "eap_tls_private_key_button");
g_assert (widget);
pk_filename = gtk_file_chooser_get_filename (GTK_FILE_CHOOSER (widget));
g_assert (pk_filename);
g_object_set_data_full (G_OBJECT (connection),
method->phase2 ? NMA_PATH_PHASE2_PRIVATE_KEY_TAG : NMA_PATH_PRIVATE_KEY_TAG,
g_strdup (pk_filename),
(GDestroyNotify) g_free);
if (method->phase2) {
if (!nm_setting_802_1x_set_phase2_private_key_from_file (s_8021x, pk_filename, password, &key_type, &error)) {
g_warning ("Couldn't read phase2 private key '%s': %s", pk_filename, error ? error->message : "(unknown)");
g_clear_error (&error);
}
} else {
if (!nm_setting_802_1x_set_private_key_from_file (s_8021x, pk_filename, password, &key_type, &error)) {
g_warning ("Couldn't read private key '%s': %s", pk_filename, error ? error->message : "(unknown)");
g_clear_error (&error);
}
}
/* TLS client certificate */
if (key_type == NM_SETTING_802_1X_CK_TYPE_PKCS12) {
/* if the key is pkcs#12, the cert is filled with the same data */
cc_filename = g_strdup (pk_filename);
} else {
widget = glade_xml_get_widget (parent->xml, "eap_tls_user_cert_button");
g_assert (widget);
cc_filename = gtk_file_chooser_get_filename (GTK_FILE_CHOOSER (widget));
}
g_assert (cc_filename);
g_object_set_data_full (G_OBJECT (connection),
method->phase2 ? NMA_PATH_PHASE2_CLIENT_CERT_TAG : NMA_PATH_CLIENT_CERT_TAG,
g_strdup (cc_filename),
(GDestroyNotify) g_free);
g_free (cc_filename);
g_free (pk_filename);
/* TLS CA certificate */
widget = glade_xml_get_widget (parent->xml, "eap_tls_ca_cert_button");
g_assert (widget);
filename = gtk_file_chooser_get_filename (GTK_FILE_CHOOSER (widget));
if (filename) {
g_object_set_data_full (G_OBJECT (connection),
method->phase2 ? NMA_PATH_PHASE2_CA_CERT_TAG : NMA_PATH_CA_CERT_TAG,
g_strdup (filename),
(GDestroyNotify) g_free);
g_free (filename);
} else {
g_object_set_data (G_OBJECT (connection),
method->phase2 ? NMA_PATH_PHASE2_CA_CERT_TAG : NMA_PATH_CA_CERT_TAG,
NULL);
}
if (eap_method_get_ignore_ca_cert (parent)) {
g_object_set_data (G_OBJECT (connection),
method->phase2 ? NMA_PHASE2_CA_CERT_IGNORE_TAG : NMA_CA_CERT_IGNORE_TAG,
GUINT_TO_POINTER (TRUE));
} else {
g_object_set_data (G_OBJECT (connection),
method->phase2 ? NMA_PHASE2_CA_CERT_IGNORE_TAG : NMA_CA_CERT_IGNORE_TAG,
NULL);
}
}
gboolean
nm_ap_check_compatible (NMAccessPoint *self,
NMConnection *connection)
{
NMAccessPointPrivate *priv;
NMSettingWireless *s_wireless;
NMSettingWirelessSecurity *s_wireless_sec;
const char *mode;
const char *band;
const GByteArray *bssid;
guint32 channel;
g_return_val_if_fail (NM_IS_AP (self), FALSE);
g_return_val_if_fail (NM_IS_CONNECTION (connection), FALSE);
priv = NM_AP_GET_PRIVATE (self);
s_wireless = NM_SETTING_WIRELESS (nm_connection_get_setting (connection, NM_TYPE_SETTING_WIRELESS));
if (s_wireless == NULL)
return FALSE;
if (!nm_utils_same_ssid (nm_setting_wireless_get_ssid (s_wireless), priv->ssid, TRUE))
return FALSE;
bssid = nm_setting_wireless_get_bssid (s_wireless);
if (bssid && memcmp (bssid->data, &priv->address, ETH_ALEN))
return FALSE;
mode = nm_setting_wireless_get_mode (s_wireless);
if (mode) {
if (!strcmp (mode, "infrastructure") && (priv->mode != NM_802_11_MODE_INFRA))
return FALSE;
if (!strcmp (mode, "adhoc") && (priv->mode != NM_802_11_MODE_ADHOC))
return FALSE;
}
band = nm_setting_wireless_get_band (s_wireless);
if (band) {
if (!strcmp (band, "a")) {
if (priv->freq < 4915 || priv->freq > 5825)
return FALSE;
} else if (!strcmp (band, "bg")) {
if (priv->freq < 2412 || priv->freq > 2484)
return FALSE;
}
}
channel = nm_setting_wireless_get_channel (s_wireless);
if (channel) {
guint32 ap_chan = nm_utils_wifi_freq_to_channel (priv->freq);
if (channel != ap_chan)
return FALSE;
}
s_wireless_sec = (NMSettingWirelessSecurity *) nm_connection_get_setting (connection,
NM_TYPE_SETTING_WIRELESS_SECURITY);
return nm_setting_wireless_ap_security_compatible (s_wireless,
s_wireless_sec,
nm_ap_get_flags (self),
nm_ap_get_wpa_flags (self),
nm_ap_get_rsn_flags (self),
nm_ap_get_mode (self));
}
EAPMethodPEAP *
eap_method_peap_new (const char *glade_file,
WirelessSecurity *parent,
NMConnection *connection)
{
EAPMethodPEAP *method;
GtkWidget *widget;
GladeXML *xml;
GtkFileFilter *filter;
NMSetting8021x *s_8021x = NULL;
const char *filename;
g_return_val_if_fail (glade_file != NULL, NULL);
xml = glade_xml_new (glade_file, "eap_peap_notebook", NULL);
if (xml == NULL) {
g_warning ("Couldn't get eap_peap_widget from glade xml");
return NULL;
}
widget = glade_xml_get_widget (xml, "eap_peap_notebook");
g_assert (widget);
g_object_ref_sink (widget);
method = g_slice_new0 (EAPMethodPEAP);
if (!method) {
g_object_unref (xml);
g_object_unref (widget);
return NULL;
}
eap_method_init (EAP_METHOD (method),
validate,
add_to_size_group,
fill_connection,
destroy,
xml,
widget,
"eap_peap_anon_identity_entry");
eap_method_nag_init (EAP_METHOD (method),
glade_file,
"eap_peap_ca_cert_button",
connection);
method->sec_parent = parent;
if (connection)
s_8021x = NM_SETTING_802_1X (nm_connection_get_setting (connection, NM_TYPE_SETTING_802_1X));
widget = glade_xml_get_widget (xml, "eap_peap_ca_cert_button");
g_assert (widget);
gtk_file_chooser_set_local_only (GTK_FILE_CHOOSER (widget), TRUE);
gtk_file_chooser_button_set_title (GTK_FILE_CHOOSER_BUTTON (widget),
_("Choose a Certificate Authority certificate..."));
g_signal_connect (G_OBJECT (widget), "selection-changed",
(GCallback) wireless_security_changed_cb,
parent);
filter = eap_method_default_file_chooser_filter_new (FALSE);
gtk_file_chooser_add_filter (GTK_FILE_CHOOSER (widget), filter);
if (connection) {
filename = g_object_get_data (G_OBJECT (connection), NMA_PATH_CA_CERT_TAG);
if (filename)
gtk_file_chooser_set_filename (GTK_FILE_CHOOSER (widget), filename);
}
widget = inner_auth_combo_init (method, glade_file, connection, s_8021x);
inner_auth_combo_changed_cb (widget, (gpointer) method);
widget = glade_xml_get_widget (xml, "eap_peap_version_combo");
g_assert (widget);
gtk_combo_box_set_active (GTK_COMBO_BOX (widget), 0);
if (s_8021x) {
const char *peapver;
peapver = nm_setting_802_1x_get_phase1_peapver (s_8021x);
if (peapver) {
/* Index 0 is "Automatic" */
if (!strcmp (peapver, "0"))
gtk_combo_box_set_active (GTK_COMBO_BOX (widget), 1);
else if (!strcmp (peapver, "1"))
gtk_combo_box_set_active (GTK_COMBO_BOX (widget), 2);
}
}
g_signal_connect (G_OBJECT (widget), "changed",
(GCallback) wireless_security_changed_cb,
parent);
widget = glade_xml_get_widget (xml, "eap_peap_anon_identity_entry");
if (s_8021x && nm_setting_802_1x_get_anonymous_identity (s_8021x))
gtk_entry_set_text (GTK_ENTRY (widget), nm_setting_802_1x_get_anonymous_identity (s_8021x));
g_signal_connect (G_OBJECT (widget), "changed",
(GCallback) wireless_security_changed_cb,
parent);
return method;
}
static void
wireless_dialog_response_cb (GtkDialog *foo,
gint response,
gpointer user_data)
{
NMAWirelessDialog *dialog = NMA_WIRELESS_DIALOG (foo);
WirelessDialogClosure *closure = user_data;
NMConnection *connection, *fuzzy_match = NULL;
NMDevice *device;
NMAccessPoint *ap;
GSList *all, *iter;
if (response != GTK_RESPONSE_OK)
goto done;
if (!nma_wireless_dialog_get_nag_ignored (dialog)) {
GtkWidget *nag_dialog;
/* Nag the user about certificates or whatever. Only destroy the dialog
* if no nagging was done.
*/
nag_dialog = nma_wireless_dialog_nag_user (dialog);
if (nag_dialog) {
gtk_window_set_transient_for (GTK_WINDOW (nag_dialog), GTK_WINDOW (dialog));
g_signal_connect (nag_dialog, "response",
G_CALLBACK (nag_dialog_response_cb),
dialog);
return;
}
}
/* nma_wireless_dialog_get_connection() returns a connection with the
* refcount incremented, so the caller must remember to unref it.
*/
connection = nma_wireless_dialog_get_connection (dialog, &device, &ap);
g_assert (connection);
g_assert (device);
/* Find a similar connection and use that instead */
all = nm_remote_settings_list_connections (closure->settings);
for (iter = all; iter; iter = g_slist_next (iter)) {
if (nm_connection_compare (connection,
NM_CONNECTION (iter->data),
(NM_SETTING_COMPARE_FLAG_FUZZY | NM_SETTING_COMPARE_FLAG_IGNORE_ID))) {
fuzzy_match = NM_CONNECTION (iter->data);
break;
}
}
g_slist_free (all);
if (fuzzy_match) {
nm_client_activate_connection (closure->client,
fuzzy_match,
device,
ap ? nm_object_get_path (NM_OBJECT (ap)) : NULL,
activate_existing_cb,
NULL);
} else {
NMSetting *s_con;
NMSettingWireless *s_wifi;
const char *mode = NULL;
/* Entirely new connection */
/* Don't autoconnect adhoc networks by default for now */
s_wifi = (NMSettingWireless *) nm_connection_get_setting (connection, NM_TYPE_SETTING_WIRELESS);
if (s_wifi)
mode = nm_setting_wireless_get_mode (s_wifi);
if (g_strcmp0 (mode, "adhoc") == 0) {
s_con = nm_connection_get_setting (connection, NM_TYPE_SETTING_CONNECTION);
if (!s_con) {
s_con = nm_setting_connection_new ();
nm_connection_add_setting (connection, s_con);
}
g_object_set (G_OBJECT (s_con), NM_SETTING_CONNECTION_AUTOCONNECT, FALSE, NULL);
}
nm_client_add_and_activate_connection (closure->client,
connection,
device,
ap ? nm_object_get_path (NM_OBJECT (ap)) : NULL,
activate_new_cb,
NULL);
}
/* Balance nma_wireless_dialog_get_connection() */
g_object_unref (connection);
done:
gtk_widget_hide (GTK_WIDGET (dialog));
gtk_widget_destroy (GTK_WIDGET (dialog));
}
static NMDevice *
get_best_ip4_device (NMManager *manager, NMActRequest **out_req)
{
GSList *devices, *iter;
NMDevice *best = NULL;
int best_prio = G_MAXINT;
g_return_val_if_fail (manager != NULL, NULL);
g_return_val_if_fail (NM_IS_MANAGER (manager), NULL);
g_return_val_if_fail (out_req != NULL, NULL);
g_return_val_if_fail (*out_req == NULL, NULL);
devices = nm_manager_get_devices (manager);
for (iter = devices; iter; iter = g_slist_next (iter)) {
NMDevice *dev = NM_DEVICE (iter->data);
NMActRequest *req;
NMConnection *connection;
NMIP4Config *ip4_config;
NMSettingIP4Config *s_ip4;
int prio;
guint i;
gboolean can_default = FALSE;
const char *method = NULL;
if (nm_device_get_state (dev) != NM_DEVICE_STATE_ACTIVATED)
continue;
ip4_config = nm_device_get_ip4_config (dev);
if (!ip4_config)
continue;
req = nm_device_get_act_request (dev);
g_assert (req);
connection = nm_act_request_get_connection (req);
g_assert (connection);
/* Never set the default route through an IPv4LL-addressed device */
s_ip4 = (NMSettingIP4Config *) nm_connection_get_setting (connection, NM_TYPE_SETTING_IP4_CONFIG);
if (s_ip4)
method = nm_setting_ip4_config_get_method (s_ip4);
if (s_ip4 && !strcmp (method, NM_SETTING_IP4_CONFIG_METHOD_LINK_LOCAL))
continue;
/* Make sure at least one of this device's IP addresses has a gateway */
for (i = 0; i < nm_ip4_config_get_num_addresses (ip4_config); i++) {
NMIP4Address *addr;
addr = nm_ip4_config_get_address (ip4_config, i);
if (nm_ip4_address_get_gateway (addr)) {
can_default = TRUE;
break;
}
}
if (!can_default && !NM_IS_DEVICE_MODEM (dev))
continue;
/* 'never-default' devices can't ever be the default */
if ( (s_ip4 && nm_setting_ip4_config_get_never_default (s_ip4))
|| nm_ip4_config_get_never_default (ip4_config))
continue;
prio = nm_device_get_priority (dev);
if (prio > 0 && prio < best_prio) {
best = dev;
best_prio = prio;
*out_req = req;
}
}
return best;
}
static void
update_ip6_routing_and_dns (NMPolicy *policy, gboolean force_update)
{
NMDnsIPConfigType dns_type = NM_DNS_IP_CONFIG_TYPE_BEST_DEVICE;
NMDevice *best = NULL;
NMActRequest *best_req = NULL;
NMDnsManager *dns_mgr;
GSList *devices = NULL, *iter;
#if NOT_YET
GSList *vpns;
#endif
NMIP6Config *ip6_config = NULL;
NMIP6Address *addr;
const char *ip_iface = NULL;
NMConnection *connection = NULL;
NMSettingConnection *s_con = NULL;
const char *connection_id;
best = get_best_ip6_device (policy->manager, &best_req);
if (!best)
goto out;
if (!force_update && (best == policy->default_device6))
goto out;
#if NOT_YET
/* If a VPN connection is active, it is preferred */
vpns = nm_vpn_manager_get_active_connections (policy->vpn_manager);
for (iter = vpns; iter; iter = g_slist_next (iter)) {
NMVPNConnection *candidate = NM_VPN_CONNECTION (iter->data);
NMConnection *vpn_connection;
NMSettingIP6Config *s_ip6;
gboolean can_default = TRUE;
NMVPNConnectionState vpn_state;
/* If it's marked 'never-default', don't make it default */
vpn_connection = nm_vpn_connection_get_connection (candidate);
g_assert (vpn_connection);
s_ip6 = (NMSettingIP6Config *) nm_connection_get_setting (vpn_connection, NM_TYPE_SETTING_IP6_CONFIG);
if (s_ip6 && nm_setting_ip6_config_get_never_default (s_ip6))
can_default = FALSE;
vpn_state = nm_vpn_connection_get_vpn_state (candidate);
if (can_default && (vpn_state == NM_VPN_CONNECTION_STATE_ACTIVATED)) {
NMIP6Config *parent_ip6;
NMDevice *parent;
ip_iface = nm_vpn_connection_get_ip_iface (candidate);
connection = nm_vpn_connection_get_connection (candidate);
ip6_config = nm_vpn_connection_get_ip6_config (candidate);
addr = nm_ip6_config_get_address (ip6_config, 0);
parent = nm_vpn_connection_get_parent_device (candidate);
parent_ip6 = nm_device_get_ip6_config (parent);
nm_system_replace_default_ip6_route_vpn (ip_iface,
nm_ip6_address_get_gateway (addr),
nm_vpn_connection_get_ip4_internal_gateway (candidate),
nm_ip6_config_get_mss (ip4_config),
nm_device_get_ip_iface (parent),
nm_ip6_config_get_mss (parent_ip4));
dns_type = NM_DNS_IP_CONFIG_TYPE_VPN;
}
g_object_unref (candidate);
}
g_slist_free (vpns);
#endif
/* The best device gets the default route if a VPN connection didn't */
if (!ip_iface || !ip6_config) {
connection = nm_act_request_get_connection (best_req);
ip_iface = nm_device_get_ip_iface (best);
ip6_config = nm_device_get_ip6_config (best);
g_assert (ip6_config);
addr = nm_ip6_config_get_address (ip6_config, 0);
nm_system_replace_default_ip6_route (ip_iface, nm_ip6_address_get_gateway (addr));
dns_type = NM_DNS_IP_CONFIG_TYPE_BEST_DEVICE;
}
if (!ip_iface || !ip6_config) {
nm_log_warn (LOGD_CORE, "couldn't determine IP interface (%p) or IPv6 config (%p)!",
ip_iface, ip6_config);
goto out;
}
/* Update the default active connection. Only mark the new default
* active connection after setting default = FALSE on all other connections
* first. The order is important, we don't want two connections marked
* default at the same time ever.
*/
devices = nm_manager_get_devices (policy->manager);
for (iter = devices; iter; iter = g_slist_next (iter)) {
NMDevice *dev = NM_DEVICE (iter->data);
NMActRequest *req;
req = nm_device_get_act_request (dev);
if (req && (req != best_req))
nm_act_request_set_default6 (req, FALSE);
}
dns_mgr = nm_dns_manager_get (NULL);
nm_dns_manager_add_ip6_config (dns_mgr, ip_iface, ip6_config, dns_type);
g_object_unref (dns_mgr);
/* Now set new default active connection _after_ updating DNS info, so that
* if the connection is shared dnsmasq picks up the right stuff.
*/
if (best_req)
nm_act_request_set_default6 (best_req, TRUE);
if (connection)
s_con = (NMSettingConnection *) nm_connection_get_setting (connection, NM_TYPE_SETTING_CONNECTION);
connection_id = s_con ? nm_setting_connection_get_id (s_con) : NULL;
if (connection_id) {
nm_log_info (LOGD_CORE, "Policy set '%s' (%s) as default for IPv6 routing and DNS.", connection_id, ip_iface);
} else {
nm_log_info (LOGD_CORE, "Policy set (%s) as default for IPv6 routing and DNS.", ip_iface);
}
out:
policy->default_device6 = best;
}
static void
detail_device (gpointer data, gpointer user_data)
{
NMDevice *device = NM_DEVICE (data);
struct cb_info *info = user_data;
char *tmp;
NMDeviceState state;
guint32 caps;
guint32 speed;
const GArray *array;
int j;
gboolean is_default = FALSE;
const char *id = NULL;
state = nm_device_get_state (device);
for (j = 0; info->active && (j < info->active->len); j++) {
NMActiveConnection *candidate = g_ptr_array_index (info->active, j);
const GPtrArray *devices = nm_active_connection_get_devices (candidate);
NMDevice *candidate_dev;
NMConnection *connection;
NMSettingConnection *s_con;
if (!devices || !devices->len)
continue;
candidate_dev = g_ptr_array_index (devices, 0);
if (candidate_dev == device) {
if (nm_active_connection_get_default (candidate))
is_default = TRUE;
connection = get_connection_for_active (candidate);
if (!connection)
break;
s_con = (NMSettingConnection *) nm_connection_get_setting (connection, NM_TYPE_SETTING_CONNECTION);
if (s_con)
id = nm_setting_connection_get_id (s_con);
break;
}
}
print_header ("Device", nm_device_get_iface (device), id);
/* General information */
if (NM_IS_DEVICE_ETHERNET (device))
print_string ("Type", "Wired");
else if (NM_IS_DEVICE_WIFI (device))
print_string ("Type", "802.11 WiFi");
else if (NM_IS_GSM_DEVICE (device))
print_string ("Type", "Mobile Broadband (GSM)");
else if (NM_IS_CDMA_DEVICE (device))
print_string ("Type", "Mobile Broadband (CDMA)");
else if (NM_IS_DEVICE_BT (device))
print_string ("Type", "Bluetooth");
#if WITH_WIMAX
else if (NM_IS_DEVICE_WIMAX (device))
print_string ("Type", "WiMAX");
#endif
print_string ("Driver", nm_device_get_driver (device) ? nm_device_get_driver (device) : "(unknown)");
print_string ("State", get_dev_state_string (state));
if (is_default)
print_string ("Default", "yes");
else
print_string ("Default", "no");
tmp = NULL;
if (NM_IS_DEVICE_ETHERNET (device))
tmp = g_strdup (nm_device_ethernet_get_hw_address (NM_DEVICE_ETHERNET (device)));
else if (NM_IS_DEVICE_WIFI (device))
tmp = g_strdup (nm_device_wifi_get_hw_address (NM_DEVICE_WIFI (device)));
#if WITH_WIMAX
else if (NM_IS_DEVICE_WIMAX (device))
tmp = g_strdup (nm_device_wimax_get_hw_address (NM_DEVICE_WIMAX (device)));
#endif
if (tmp) {
print_string ("HW Address", tmp);
g_free (tmp);
}
/* Capabilities */
caps = nm_device_get_capabilities (device);
printf ("\n Capabilities:\n");
if (caps & NM_DEVICE_CAP_CARRIER_DETECT)
print_string (" Carrier Detect", "yes");
speed = 0;
if (NM_IS_DEVICE_ETHERNET (device)) {
/* Speed in Mb/s */
speed = nm_device_ethernet_get_speed (NM_DEVICE_ETHERNET (device));
} else if (NM_IS_DEVICE_WIFI (device)) {
/* Speed in b/s */
speed = nm_device_wifi_get_bitrate (NM_DEVICE_WIFI (device));
speed /= 1000;
}
if (speed) {
char *speed_string;
speed_string = g_strdup_printf ("%u Mb/s", speed);
print_string (" Speed", speed_string);
g_free (speed_string);
}
/* Wireless specific information */
if ((NM_IS_DEVICE_WIFI (device))) {
guint32 wcaps;
NMAccessPoint *active_ap = NULL;
const char *active_bssid = NULL;
const GPtrArray *aps;
printf ("\n Wireless Properties\n");
wcaps = nm_device_wifi_get_capabilities (NM_DEVICE_WIFI (device));
if (wcaps & (NM_WIFI_DEVICE_CAP_CIPHER_WEP40 | NM_WIFI_DEVICE_CAP_CIPHER_WEP104))
print_string (" WEP Encryption", "yes");
if (wcaps & NM_WIFI_DEVICE_CAP_WPA)
print_string (" WPA Encryption", "yes");
if (wcaps & NM_WIFI_DEVICE_CAP_RSN)
print_string (" WPA2 Encryption", "yes");
if (nm_device_get_state (device) == NM_DEVICE_STATE_ACTIVATED) {
active_ap = nm_device_wifi_get_active_access_point (NM_DEVICE_WIFI (device));
active_bssid = active_ap ? nm_access_point_get_hw_address (active_ap) : NULL;
}
printf ("\n Wireless Access Points %s\n", active_ap ? "(* = current AP)" : "");
aps = nm_device_wifi_get_access_points (NM_DEVICE_WIFI (device));
if (aps && aps->len)
g_ptr_array_foreach ((GPtrArray *) aps, detail_access_point, (gpointer) active_bssid);
} else if (NM_IS_DEVICE_ETHERNET (device)) {
printf ("\n Wired Properties\n");
if (nm_device_ethernet_get_carrier (NM_DEVICE_ETHERNET (device)))
print_string (" Carrier", "on");
else
print_string (" Carrier", "off");
#if WITH_WIMAX
} else if (NM_IS_DEVICE_WIMAX (device)) {
NMDeviceWimax *wimax = NM_DEVICE_WIMAX (device);
NMWimaxNsp *active_nsp = NULL;
const char *active_name = NULL;
const GPtrArray *nsps;
if (nm_device_get_state (device) == NM_DEVICE_STATE_ACTIVATED) {
guint tmp_uint;
gint tmp_int;
const char *tmp_str;
active_nsp = nm_device_wimax_get_active_nsp (wimax);
active_name = active_nsp ? nm_wimax_nsp_get_name (active_nsp) : NULL;
printf ("\n Link Status\n");
tmp_uint = nm_device_wimax_get_center_frequency (wimax);
if (tmp_uint)
tmp = g_strdup_printf ("%'.1f MHz", (double) tmp_uint / 1000.0);
else
tmp = g_strdup ("(unknown)");
print_string (" Center Freq.", tmp);
g_free (tmp);
tmp_int = nm_device_wimax_get_rssi (wimax);
if (tmp_int)
tmp = g_strdup_printf ("%d dBm", tmp_int);
else
tmp = g_strdup ("(unknown)");
print_string (" RSSI", tmp);
g_free (tmp);
tmp_int = nm_device_wimax_get_cinr (wimax);
if (tmp_int)
tmp = g_strdup_printf ("%d dB", tmp_int);
else
tmp = g_strdup ("(unknown)");
print_string (" CINR", tmp);
g_free (tmp);
tmp_int = nm_device_wimax_get_tx_power (wimax);
if (tmp_int)
tmp = g_strdup_printf ("%'.2f dBm", (float) tmp_int / 2.0);
else
tmp = g_strdup ("(unknown)");
print_string (" TX Power", tmp);
g_free (tmp);
tmp_str = nm_device_wimax_get_bsid (wimax);
if (tmp_str)
print_string (" BSID", tmp_str);
else
print_string (" BSID", "(unknown)");
}
printf ("\n WiMAX NSPs %s\n", active_nsp ? "(* current NSP)" : "");
nsps = nm_device_wimax_get_nsps (NM_DEVICE_WIMAX (device));
if (nsps && nsps->len)
g_ptr_array_foreach ((GPtrArray *) nsps, detail_nsp, (gpointer) active_name);
#endif
}
/* IP Setup info */
if (state == NM_DEVICE_STATE_ACTIVATED) {
NMIP4Config *cfg4 = nm_device_get_ip4_config (device);
NMIP6Config *cfg6 = nm_device_get_ip6_config (device);
GSList *iter;
if (cfg4) {
printf ("\n IPv4 Settings:\n");
for (iter = (GSList *) nm_ip4_config_get_addresses (cfg4); iter; iter = g_slist_next (iter)) {
NMIP4Address *addr = (NMIP4Address *) iter->data;
guint32 prefix = nm_ip4_address_get_prefix (addr);
char *tmp2;
tmp = ip4_address_as_string (nm_ip4_address_get_address (addr));
print_string (" Address", tmp);
g_free (tmp);
tmp2 = ip4_address_as_string (nm_utils_ip4_prefix_to_netmask (prefix));
tmp = g_strdup_printf ("%d (%s)", prefix, tmp2);
g_free (tmp2);
print_string (" Prefix", tmp);
g_free (tmp);
tmp = ip4_address_as_string (nm_ip4_address_get_gateway (addr));
print_string (" Gateway", tmp);
g_free (tmp);
printf ("\n");
}
array = nm_ip4_config_get_nameservers (cfg4);
if (array) {
int i;
for (i = 0; i < array->len; i++) {
tmp = ip4_address_as_string (g_array_index (array, guint32, i));
print_string (" DNS", tmp);
g_free (tmp);
}
}
}
if (cfg6) {
printf ("\n IPv6 Settings:\n");
for (iter = (GSList *) nm_ip6_config_get_addresses (cfg6); iter; iter = g_slist_next (iter)) {
NMIP6Address *addr = (NMIP6Address *) iter->data;
guint32 prefix = nm_ip6_address_get_prefix (addr);
tmp = ip6_address_as_string (nm_ip6_address_get_address (addr));
print_string (" Address", tmp);
g_free (tmp);
tmp = g_strdup_printf ("%d", prefix);
print_string (" Prefix", tmp);
g_free (tmp);
tmp = ip6_address_as_string (nm_ip6_address_get_gateway (addr));
print_string (" Gateway", tmp);
g_free (tmp);
printf ("\n");
}
for (iter = (GSList *) nm_ip6_config_get_nameservers (cfg6); iter; iter = g_slist_next (iter)) {
tmp = ip6_address_as_string (iter->data);
print_string (" DNS", tmp);
g_free (tmp);
}
}
}
printf ("\n\n");
}
static gboolean
real_connect (NMVPNPlugin *plugin,
NMConnection *connection,
GError **error)
{
NML2tpPluginPrivate *priv = NM_L2TP_PLUGIN_GET_PRIVATE (plugin);
NMSettingVPN *s_vpn;
const char *value;
if (getenv ("NM_PPP_DUMP_CONNECTION") || debug)
nm_connection_dump (connection);
s_vpn = NM_SETTING_VPN (nm_connection_get_setting (connection, NM_TYPE_SETTING_VPN));
g_assert (s_vpn);
if (!nm_l2tp_properties_validate (s_vpn, error))
return FALSE;
if (!nm_l2tp_secrets_validate (s_vpn, error))
return FALSE;
/* Start our pppd plugin helper service */
if (priv->service)
g_object_unref (priv->service);
if (priv->connection) {
g_object_unref (priv->connection);
priv->connection = NULL;
}
priv->service = nm_l2tp_ppp_service_new (connection, error);
if (!priv->service) {
g_set_error (error,
NM_VPN_PLUGIN_ERROR,
NM_VPN_PLUGIN_ERROR_LAUNCH_FAILED,
"%s",
_("Could not start pppd plugin helper service."));
return FALSE;
}
priv->connection = g_object_ref (connection);
g_signal_connect (G_OBJECT (priv->service), "plugin-alive", G_CALLBACK (service_plugin_alive_cb), plugin);
g_signal_connect (G_OBJECT (priv->service), "ppp-state", G_CALLBACK (service_ppp_state_cb), plugin);
g_signal_connect (G_OBJECT (priv->service), "ip4-config", G_CALLBACK (service_ip4_config_cb), plugin);
/* Cache the username and password so we can relay the secrets to the pppd
* plugin when it asks for them.
*/
if (!_service_cache_credentials (priv->service, connection, error))
return FALSE;
if (!nm_l2tp_resolve_gateway (NM_L2TP_PLUGIN (plugin), s_vpn, error))
return FALSE;
if (!nm_l2tp_config_write (NM_L2TP_PLUGIN (plugin), s_vpn, error))
return FALSE;
value = nm_setting_vpn_get_data_item (s_vpn, NM_L2TP_KEY_IPSEC_ENABLE);
g_message(_("ipsec enable flag: %s"), value?value:"(null)");
if(value && !strcmp(value,"yes")) {
g_message(_("starting ipsec"));
if (!nm_l2tp_start_ipsec(NM_L2TP_PLUGIN (plugin), s_vpn, error))
return FALSE;
}
if (!nm_l2tp_start_l2tpd_binary (NM_L2TP_PLUGIN (plugin), s_vpn, error))
return FALSE;
return TRUE;
}
GtkWidget *
ws_802_1x_auth_combo_init (WirelessSecurity *sec,
const char *combo_name,
GCallback auth_combo_changed_cb,
NMConnection *connection)
{
GtkWidget *combo;
GtkListStore *auth_model;
GtkTreeIter iter;
EAPMethodTLS *em_tls;
EAPMethodLEAP *em_leap;
EAPMethodTTLS *em_ttls;
EAPMethodPEAP *em_peap;
const char *default_method = NULL;
int active = -1, item = 0;
gboolean wired = FALSE;
/* Grab the default EAP method out of the security object */
if (connection) {
NMSettingConnection *s_con;
NMSetting8021x *s_8021x;
s_con = NM_SETTING_CONNECTION (nm_connection_get_setting (connection, NM_TYPE_SETTING_CONNECTION));
g_assert (s_con);
if (!strcmp (nm_setting_connection_get_connection_type (s_con), NM_SETTING_WIRED_SETTING_NAME))
wired = TRUE;
s_8021x = (NMSetting8021x *) nm_connection_get_setting (connection, NM_TYPE_SETTING_802_1X);
if (s_8021x && nm_setting_802_1x_get_num_eap_methods (s_8021x))
default_method = nm_setting_802_1x_get_eap_method (s_8021x, 0);
}
auth_model = gtk_list_store_new (2, G_TYPE_STRING, eap_method_get_g_type ());
em_tls = eap_method_tls_new (sec, connection, FALSE);
gtk_list_store_append (auth_model, &iter);
gtk_list_store_set (auth_model, &iter,
AUTH_NAME_COLUMN, _("TLS"),
AUTH_METHOD_COLUMN, em_tls,
-1);
eap_method_unref (EAP_METHOD (em_tls));
if (default_method && (active < 0) && !strcmp (default_method, "tls"))
active = item;
item++;
if (!wired) {
em_leap = eap_method_leap_new (sec, connection);
gtk_list_store_append (auth_model, &iter);
gtk_list_store_set (auth_model, &iter,
AUTH_NAME_COLUMN, _("LEAP"),
AUTH_METHOD_COLUMN, em_leap,
-1);
eap_method_unref (EAP_METHOD (em_leap));
if (default_method && (active < 0) && !strcmp (default_method, "leap"))
active = item;
item++;
}
em_ttls = eap_method_ttls_new (sec, connection);
gtk_list_store_append (auth_model, &iter);
gtk_list_store_set (auth_model, &iter,
AUTH_NAME_COLUMN, _("Tunneled TLS"),
AUTH_METHOD_COLUMN, em_ttls,
-1);
eap_method_unref (EAP_METHOD (em_ttls));
if (default_method && (active < 0) && !strcmp (default_method, "ttls"))
active = item;
item++;
em_peap = eap_method_peap_new (sec, connection);
gtk_list_store_append (auth_model, &iter);
gtk_list_store_set (auth_model, &iter,
AUTH_NAME_COLUMN, _("Protected EAP (PEAP)"),
AUTH_METHOD_COLUMN, em_peap,
-1);
eap_method_unref (EAP_METHOD (em_peap));
if (default_method && (active < 0) && !strcmp (default_method, "peap"))
active = item;
item++;
combo = GTK_WIDGET (gtk_builder_get_object (sec->builder, combo_name));
g_assert (combo);
gtk_combo_box_set_model (GTK_COMBO_BOX (combo), GTK_TREE_MODEL (auth_model));
g_object_unref (G_OBJECT (auth_model));
gtk_combo_box_set_active (GTK_COMBO_BOX (combo), active < 0 ? 0 : (guint32) active);
g_signal_connect (G_OBJECT (combo), "changed", auth_combo_changed_cb, sec);
return combo;
}
gboolean
nm_ppp_manager_start (NMPPPManager *manager,
NMActRequest *req,
const char *ppp_name,
guint32 timeout_secs,
GError **err)
{
NMPPPManagerPrivate *priv;
NMConnection *connection;
NMSettingPpp *s_ppp;
gboolean s_ppp_created = FALSE;
NMSettingPppoe *pppoe_setting;
NMSettingAdsl *adsl_setting;
NMCmdLine *ppp_cmd;
char *cmd_str;
struct stat st;
g_return_val_if_fail (NM_IS_PPP_MANAGER (manager), FALSE);
g_return_val_if_fail (NM_IS_ACT_REQUEST (req), FALSE);
priv = NM_PPP_MANAGER_GET_PRIVATE (manager);
#if !WITH_PPP
/* PPP support disabled */
g_set_error_literal (err,
NM_MANAGER_ERROR,
NM_MANAGER_ERROR_FAILED,
"PPP support is not enabled.");
return FALSE;
#endif
priv->pid = 0;
/* Make sure /dev/ppp exists (bgo #533064) */
if (stat ("/dev/ppp", &st) || !S_ISCHR (st.st_mode))
nm_utils_modprobe (NULL, FALSE, "ppp_generic", NULL);
connection = nm_act_request_get_applied_connection (req);
g_assert (connection);
s_ppp = nm_connection_get_setting_ppp (connection);
if (!s_ppp) {
/* If the PPP settings are all default we may not have a PPP setting yet,
* so just make a default one here.
*/
s_ppp = NM_SETTING_PPP (nm_setting_ppp_new ());
s_ppp_created = TRUE;
}
pppoe_setting = nm_connection_get_setting_pppoe (connection);
if (pppoe_setting)
pppoe_fill_defaults (s_ppp);
adsl_setting = (NMSettingAdsl *) nm_connection_get_setting (connection, NM_TYPE_SETTING_ADSL);
ppp_cmd = create_pppd_cmd_line (manager, s_ppp, pppoe_setting, adsl_setting, ppp_name, err);
if (!ppp_cmd)
goto out;
g_ptr_array_add (ppp_cmd->array, NULL);
_LOGI ("starting PPP connection");
cmd_str = nm_cmd_line_to_str (ppp_cmd);
_LOGD ("command line: %s", cmd_str);
g_free (cmd_str);
priv->pid = 0;
if (!g_spawn_async (NULL, (char **) ppp_cmd->array->pdata, NULL,
G_SPAWN_DO_NOT_REAP_CHILD,
nm_utils_setpgid, NULL,
&priv->pid, err)) {
goto out;
}
_LOGI ("pppd started with pid %d", priv->pid);
priv->ppp_watch_id = g_child_watch_add (priv->pid, (GChildWatchFunc) ppp_watch_cb, manager);
priv->ppp_timeout_handler = g_timeout_add_seconds (timeout_secs, pppd_timed_out, manager);
priv->act_req = g_object_ref (req);
out:
if (s_ppp_created)
g_object_unref (s_ppp);
if (ppp_cmd)
nm_cmd_line_destroy (ppp_cmd);
return priv->pid > 0;
}
static GHashTable *
create_connect_properties (NMConnection *connection)
{
NMSettingGsm *setting;
GHashTable *properties;
const char *str;
setting = NM_SETTING_GSM (nm_connection_get_setting (connection, NM_TYPE_SETTING_GSM));
properties = value_hash_create ();
str = nm_setting_gsm_get_number (setting);
if (str)
value_hash_add_str (properties, "number", str);
str = nm_setting_gsm_get_apn (setting);
if (str)
value_hash_add_str (properties, "apn", str);
str = nm_setting_gsm_get_network_id (setting);
if (str)
value_hash_add_str (properties, "network_id", str);
str = nm_setting_gsm_get_pin (setting);
if (str)
value_hash_add_str (properties, "pin", str);
str = nm_setting_gsm_get_username (setting);
if (str)
value_hash_add_str (properties, "username", str);
str = nm_setting_gsm_get_password (setting);
if (str)
value_hash_add_str (properties, "password", str);
/* Add both old and new preferred modes */
switch (nm_setting_gsm_get_network_type (setting)) {
case NM_SETTING_GSM_NETWORK_TYPE_UMTS_HSPA:
value_hash_add_uint (properties, "network_mode", MM_MODEM_GSM_NETWORK_DEPRECATED_MODE_3G_ONLY);
value_hash_add_uint (properties, "allowed_mode", MM_MODEM_GSM_ALLOWED_MODE_3G_ONLY);
break;
case NM_SETTING_GSM_NETWORK_TYPE_GPRS_EDGE:
value_hash_add_uint (properties, "network_mode", MM_MODEM_GSM_NETWORK_DEPRECATED_MODE_2G_ONLY);
value_hash_add_uint (properties, "allowed_mode", MM_MODEM_GSM_ALLOWED_MODE_2G_ONLY);
break;
case NM_SETTING_GSM_NETWORK_TYPE_PREFER_UMTS_HSPA:
value_hash_add_uint (properties, "network_mode", MM_MODEM_GSM_NETWORK_DEPRECATED_MODE_3G_PREFERRED);
value_hash_add_uint (properties, "allowed_mode", MM_MODEM_GSM_ALLOWED_MODE_3G_PREFERRED);
break;
case NM_SETTING_GSM_NETWORK_TYPE_PREFER_GPRS_EDGE:
value_hash_add_uint (properties, "network_mode", MM_MODEM_GSM_NETWORK_DEPRECATED_MODE_2G_PREFERRED);
value_hash_add_uint (properties, "allowed_mode", MM_MODEM_GSM_ALLOWED_MODE_2G_PREFERRED);
break;
default:
value_hash_add_uint (properties, "network_mode", MM_MODEM_GSM_NETWORK_DEPRECATED_MODE_ANY);
value_hash_add_uint (properties, "allowed_mode", MM_MODEM_GSM_ALLOWED_MODE_ANY);
break;
}
/* Roaming */
if (nm_setting_gsm_get_home_only (setting))
value_hash_add_bool (properties, "home_only", TRUE);
return properties;
}
WirelessSecurityWEPKey *
ws_wep_key_new (const char *glade_file,
NMConnection *connection,
NMWepKeyType type,
gboolean adhoc_create,
gboolean simple)
{
WirelessSecurityWEPKey *sec;
GtkWidget *widget;
GladeXML *xml;
NMSettingWirelessSecurity *s_wsec = NULL;
guint8 default_key_idx = 0;
gboolean is_adhoc = adhoc_create;
gboolean is_shared_key = FALSE;
g_return_val_if_fail (glade_file != NULL, NULL);
xml = glade_xml_new (glade_file, "wep_key_notebook", NULL);
if (xml == NULL) {
g_warning ("Couldn't get wep_key_widget from glade xml");
return NULL;
}
widget = glade_xml_get_widget (xml, "wep_key_notebook");
g_assert (widget);
g_object_ref_sink (widget);
sec = g_slice_new0 (WirelessSecurityWEPKey);
if (!sec) {
g_object_unref (xml);
g_object_unref (widget);
return NULL;
}
wireless_security_init (WIRELESS_SECURITY (sec),
validate,
add_to_size_group,
fill_connection,
update_secrets,
destroy,
xml,
widget,
"wep_key_entry");
sec->type = type;
widget = glade_xml_get_widget (xml, "wep_key_entry");
g_assert (widget);
gtk_entry_set_width_chars (GTK_ENTRY (widget), 28);
if (connection) {
NMSettingWireless *s_wireless;
const char *mode, *auth_alg;
s_wireless = (NMSettingWireless *) nm_connection_get_setting (connection, NM_TYPE_SETTING_WIRELESS);
mode = s_wireless ? nm_setting_wireless_get_mode (s_wireless) : NULL;
if (mode && !strcmp (mode, "adhoc"))
is_adhoc = TRUE;
s_wsec = NM_SETTING_WIRELESS_SECURITY (nm_connection_get_setting (connection, NM_TYPE_SETTING_WIRELESS_SECURITY));
if (s_wsec) {
auth_alg = nm_setting_wireless_security_get_auth_alg (s_wsec);
if (auth_alg && !strcmp (auth_alg, "shared"))
is_shared_key = TRUE;
}
}
g_signal_connect (G_OBJECT (widget), "changed",
(GCallback) wireless_security_changed_cb,
sec);
g_signal_connect (G_OBJECT (widget), "insert-text",
(GCallback) wep_entry_filter_cb,
sec);
if (sec->type == NM_WEP_KEY_TYPE_KEY)
gtk_entry_set_max_length (GTK_ENTRY (widget), 26);
else if (sec->type == NM_WEP_KEY_TYPE_PASSPHRASE)
gtk_entry_set_max_length (GTK_ENTRY (widget), 64);
widget = glade_xml_get_widget (xml, "key_index_combo");
if (connection && s_wsec)
default_key_idx = nm_setting_wireless_security_get_wep_tx_keyidx (s_wsec);
gtk_combo_box_set_active (GTK_COMBO_BOX (widget), default_key_idx);
sec->cur_index = default_key_idx;
g_signal_connect (G_OBJECT (widget), "changed",
(GCallback) key_index_combo_changed_cb,
sec);
/* Key index is useless with adhoc networks */
if (is_adhoc || simple) {
gtk_widget_hide (widget);
widget = glade_xml_get_widget (xml, "key_index_label");
gtk_widget_hide (widget);
}
/* Fill the key entry with the key for that index */
if (connection)
update_secrets (WIRELESS_SECURITY (sec), connection);
widget = glade_xml_get_widget (xml, "show_checkbutton");
g_assert (widget);
g_signal_connect (G_OBJECT (widget), "toggled",
(GCallback) show_toggled_cb,
sec);
widget = glade_xml_get_widget (xml, "auth_method_combo");
gtk_combo_box_set_active (GTK_COMBO_BOX (widget), is_shared_key ? 1 : 0);
g_signal_connect (G_OBJECT (widget), "changed",
(GCallback) wireless_security_changed_cb,
sec);
/* Don't show auth method for adhoc (which always uses open-system) or
* when in "simple" mode.
*/
if (is_adhoc || simple) {
/* Ad-Hoc connections can't use Shared Key auth */
if (is_adhoc)
gtk_combo_box_set_active (GTK_COMBO_BOX (widget), 0);
gtk_widget_hide (widget);
widget = glade_xml_get_widget (xml, "auth_method_label");
gtk_widget_hide (widget);
}
return sec;
}
EAPMethodTLS *
eap_method_tls_new (const char *glade_file,
WirelessSecurity *parent,
NMConnection *connection,
gboolean phase2)
{
EAPMethodTLS *method;
GtkWidget *widget;
GladeXML *xml;
NMSetting8021x *s_8021x = NULL;
g_return_val_if_fail (glade_file != NULL, NULL);
xml = glade_xml_new (glade_file, "eap_tls_notebook", NULL);
if (xml == NULL) {
g_warning ("Couldn't get eap_tls_widget from glade xml");
return NULL;
}
widget = glade_xml_get_widget (xml, "eap_tls_notebook");
g_assert (widget);
g_object_ref_sink (widget);
method = g_slice_new0 (EAPMethodTLS);
if (!method) {
g_object_unref (xml);
g_object_unref (widget);
return NULL;
}
eap_method_init (EAP_METHOD (method),
validate,
add_to_size_group,
fill_connection,
update_secrets,
destroy,
xml,
widget,
"eap_tls_identity_entry");
eap_method_nag_init (EAP_METHOD (method),
glade_file,
"eap_tls_ca_cert_button",
connection,
phase2);
method->phase2 = phase2;
if (connection)
s_8021x = NM_SETTING_802_1X (nm_connection_get_setting (connection, NM_TYPE_SETTING_802_1X));
widget = glade_xml_get_widget (xml, "eap_tls_identity_entry");
g_assert (widget);
g_signal_connect (G_OBJECT (widget), "changed",
(GCallback) wireless_security_changed_cb,
parent);
if (s_8021x && nm_setting_802_1x_get_identity (s_8021x))
gtk_entry_set_text (GTK_ENTRY (widget), nm_setting_802_1x_get_identity (s_8021x));
setup_filepicker (xml, "eap_tls_user_cert_button",
_("Choose your personal certificate..."),
parent, method, s_8021x,
phase2 ? nm_setting_802_1x_get_phase2_client_cert_scheme : nm_setting_802_1x_get_client_cert_scheme,
phase2 ? nm_setting_802_1x_get_phase2_client_cert_path : nm_setting_802_1x_get_client_cert_path,
FALSE, TRUE);
setup_filepicker (xml, "eap_tls_ca_cert_button",
_("Choose a Certificate Authority certificate..."),
parent, method, s_8021x,
phase2 ? nm_setting_802_1x_get_phase2_ca_cert_scheme : nm_setting_802_1x_get_ca_cert_scheme,
phase2 ? nm_setting_802_1x_get_phase2_ca_cert_path : nm_setting_802_1x_get_ca_cert_path,
FALSE, FALSE);
setup_filepicker (xml, "eap_tls_private_key_button",
_("Choose your private key..."),
parent, method, s_8021x,
phase2 ? nm_setting_802_1x_get_phase2_private_key_scheme : nm_setting_802_1x_get_private_key_scheme,
phase2 ? nm_setting_802_1x_get_phase2_private_key_path : nm_setting_802_1x_get_private_key_path,
TRUE, FALSE);
/* Fill secrets, if any */
if (connection)
update_secrets (EAP_METHOD (method), connection);
widget = glade_xml_get_widget (xml, "eap_tls_private_key_password_entry");
g_assert (widget);
g_signal_connect (G_OBJECT (widget), "changed",
(GCallback) wireless_security_changed_cb,
parent);
widget = glade_xml_get_widget (xml, "show_checkbutton");
g_assert (widget);
g_signal_connect (G_OBJECT (widget), "toggled",
(GCallback) show_toggled_cb,
method);
return method;
}
static void
test_need_tls_phase2_secrets_blob (void)
{
NMConnection *connection;
const char *setting_name;
GPtrArray *hints = NULL;
NMSetting8021x *s_8021x;
connection = make_tls_phase2_connection ("need-tls-phase2-secrets-blob-key",
NM_SETTING_802_1X_CK_SCHEME_BLOB);
ASSERT (connection != NULL,
"need-tls-phase2-secrets-blob-key",
"error creating test connection");
/* Ensure we don't need any secrets since we just set up the connection */
setting_name = nm_connection_need_secrets (connection, &hints);
ASSERT (setting_name == NULL,
"need-tls-phase2-secrets-blob-key",
"secrets are unexpectedly required");
ASSERT (hints == NULL,
"need-tls-phase2-secrets-blob-key",
"hints should be NULL since no secrets were required");
/* Connection is good; clear secrets and ensure private key is then required */
nm_connection_clear_secrets (connection);
hints = NULL;
setting_name = nm_connection_need_secrets (connection, &hints);
ASSERT (setting_name != NULL,
"need-tls-phase2-secrets-blob-key",
"unexpected secrets success");
ASSERT (strcmp (setting_name, NM_SETTING_802_1X_SETTING_NAME) == 0,
"need-tls-phase2-secrets-blob-key",
"unexpected setting secrets required");
ASSERT (hints != NULL,
"need-tls-phase2-secrets-blob-key",
"expected returned secrets hints");
ASSERT (find_hints_item (hints, NM_SETTING_802_1X_PHASE2_PRIVATE_KEY),
"need-tls-phase2-secrets-blob-key",
"expected to require private key, but it wasn't");
g_object_unref (connection);
/*** Just clear the private key this time ***/
connection = make_tls_phase2_connection ("need-tls-phase2-secrets-blob-key-password",
NM_SETTING_802_1X_CK_SCHEME_BLOB);
ASSERT (connection != NULL,
"need-tls-phase2-secrets-blob-key-password",
"error creating test connection");
s_8021x = (NMSetting8021x *) nm_connection_get_setting (connection, NM_TYPE_SETTING_802_1X);
ASSERT (s_8021x != NULL,
"need-tls-phase2-secrets-blob-key-password",
"error getting test 802.1x setting");
g_object_set (G_OBJECT (s_8021x), NM_SETTING_802_1X_PHASE2_PRIVATE_KEY_PASSWORD, NULL, NULL);
/* Blobs are already decrypted and don't need a password */
hints = NULL;
setting_name = nm_connection_need_secrets (connection, &hints);
ASSERT (setting_name == NULL,
"need-tls-phase2-secrets-blob-key-password",
"unexpected secrets failure");
ASSERT (hints == NULL,
"need-tls-phase2-secrets-blob-key-password",
"hints should be NULL since no secrets were required");
g_object_unref (connection);
}
CEPage *
ce_page_wireless_security_new (NMConnection *connection, GtkWindow *parent_window, GError **error)
{
CEPageWirelessSecurity *self;
CEPage *parent;
NMSettingWireless *s_wireless;
NMSettingWirelessSecurity *s_wsec = NULL;
const char *setting_name = NULL;
NMUtilsSecurityType default_type = NMU_SEC_NONE;
const char *security;
self = CE_PAGE_WIRELESS_SECURITY (g_object_new (CE_TYPE_PAGE_WIRELESS_SECURITY,
CE_PAGE_CONNECTION, connection,
CE_PAGE_PARENT_WINDOW, parent_window,
NULL));
parent = CE_PAGE (self);
s_wireless = NM_SETTING_WIRELESS (nm_connection_get_setting (connection, NM_TYPE_SETTING_WIRELESS));
if (!s_wireless) {
g_set_error (error, 0, 0, "%s", _("Could not load WiFi security user interface; missing WiFi setting."));
g_object_unref (self);
return NULL;
}
parent->xml = glade_xml_new (GLADEDIR "/ce-page-wireless-security.glade", "WirelessSecurityPage", NULL);
if (!parent->xml) {
g_set_error (error, 0, 0, "%s", _("Could not load WiFi security user interface."));
g_object_unref (self);
return NULL;
}
parent->page = glade_xml_get_widget (parent->xml, "WirelessSecurityPage");
if (!parent->page) {
g_set_error (error, 0, 0, "%s", _("Could not load WiFi security user interface."));
g_object_unref (self);
return NULL;
}
g_object_ref_sink (parent->page);
parent->title = g_strdup (_("Wireless Security"));
self->group = gtk_size_group_new (GTK_SIZE_GROUP_HORIZONTAL);
s_wsec = NM_SETTING_WIRELESS_SECURITY (nm_connection_get_setting (connection,
NM_TYPE_SETTING_WIRELESS_SECURITY));
security = nm_setting_wireless_get_security (s_wireless);
if (!security || strcmp (security, NM_SETTING_WIRELESS_SECURITY_SETTING_NAME))
s_wsec = NULL;
if (s_wsec)
default_type = get_default_type_for_security (s_wsec);
/* Get secrets if the connection is not 802.1x enabled */
if ( default_type == NMU_SEC_STATIC_WEP
|| default_type == NMU_SEC_LEAP
|| default_type == NMU_SEC_WPA_PSK
|| default_type == NMU_SEC_WPA2_PSK) {
setting_name = NM_SETTING_WIRELESS_SECURITY_SETTING_NAME;
}
/* Or if it is 802.1x enabled */
if ( default_type == NMU_SEC_DYNAMIC_WEP
|| default_type == NMU_SEC_WPA_ENTERPRISE
|| default_type == NMU_SEC_WPA2_ENTERPRISE) {
setting_name = NM_SETTING_802_1X_SETTING_NAME;
}
g_signal_connect (self, "initialized", G_CALLBACK (finish_setup), NULL);
if (!ce_page_initialize (parent, setting_name, error)) {
g_object_unref (self);
return NULL;
}
return CE_PAGE (self);
}
static gboolean
auto_activate_device (gpointer user_data)
{
ActivateData *data = (ActivateData *) user_data;
NMPolicy *policy;
NMConnection *best_connection;
char *specific_object = NULL;
GSList *connections, *iter;
g_assert (data);
policy = data->policy;
// FIXME: if a device is already activating (or activated) with a connection
// but another connection now overrides the current one for that device,
// deactivate the device and activate the new connection instead of just
// bailing if the device is already active
if (nm_device_get_act_request (data->device))
goto out;
/* System connections first, then user connections */
connections = nm_manager_get_connections (policy->manager, NM_CONNECTION_SCOPE_SYSTEM);
if (nm_manager_auto_user_connections_allowed (policy->manager))
connections = g_slist_concat (connections, nm_manager_get_connections (policy->manager, NM_CONNECTION_SCOPE_USER));
/* Remove connections that are in the invalid list. */
iter = connections;
while (iter) {
NMConnection *iter_connection = NM_CONNECTION (iter->data);
GSList *next = g_slist_next (iter);
if (g_object_get_data (G_OBJECT (iter_connection), INVALID_TAG)) {
connections = g_slist_remove_link (connections, iter);
g_object_unref (iter_connection);
g_slist_free (iter);
}
iter = next;
}
best_connection = nm_device_get_best_auto_connection (data->device, connections, &specific_object);
if (best_connection) {
GError *error = NULL;
if (!nm_manager_activate_connection (policy->manager,
best_connection,
specific_object,
nm_device_get_path (data->device),
FALSE,
&error)) {
NMSettingConnection *s_con;
s_con = NM_SETTING_CONNECTION (nm_connection_get_setting (best_connection, NM_TYPE_SETTING_CONNECTION));
g_assert (s_con);
nm_log_info (LOGD_DEVICE, "Connection '%s' auto-activation failed: (%d) %s",
nm_setting_connection_get_id (s_con), error->code, error->message);
g_error_free (error);
}
}
g_slist_foreach (connections, (GFunc) g_object_unref, NULL);
g_slist_free (connections);
out:
/* Remove this call's handler ID */
policy->pending_activation_checks = g_slist_remove (policy->pending_activation_checks, data);
g_object_unref (data->device);
g_free (data);
return FALSE;
}
static void
connection_secrets_response_cb (NMAWirelessDialog *dialog,
gint response,
gpointer user_data)
{
SecretsRequestInfo *info = user_data;
NMConnection *connection;
GHashTable *settings = NULL;
NMSetting *s_wireless_sec;
const char *key_mgmt;
GError *error = NULL;
gtk_widget_hide (GTK_WIDGET (dialog));
connection = nma_wireless_dialog_get_connection (dialog);
if (response != GTK_RESPONSE_OK) {
error = g_error_new (NM_SETTINGS_INTERFACE_ERROR,
NM_SETTINGS_INTERFACE_ERROR_SECRETS_REQUEST_CANCELED,
"%s.%d (%s): canceled",
__FILE__, __LINE__, __func__);
goto done;
}
/* Returned secrets are a{sa{sv}}; this is the outer a{s...} hash that
* will contain all the individual settings hashes.
*/
settings = g_hash_table_new_full (g_str_hash, g_str_equal,
g_free, (GDestroyNotify) g_hash_table_destroy);
/* If the user chose an 802.1x-based auth method, return 802.1x secrets,
* not wireless secrets. Can happen with Dynamic WEP, because NM doesn't
* know the capabilities of the AP (since Dynamic WEP APs don't broadcast
* beacons), and therefore defaults to requesting WEP secrets from the
* wireless-security setting, not the 802.1x setting.
*/
s_wireless_sec = nm_connection_get_setting (connection, NM_TYPE_SETTING_WIRELESS_SECURITY);
key_mgmt = nm_setting_wireless_security_get_key_mgmt (NM_SETTING_WIRELESS_SECURITY (s_wireless_sec));
if (!strcmp (key_mgmt, "ieee8021x") || !strcmp (key_mgmt, "wpa-eap")) {
const char *auth_alg;
/* LEAP secrets aren't in the 802.1x setting */
auth_alg = nm_setting_wireless_security_get_auth_alg (NM_SETTING_WIRELESS_SECURITY (s_wireless_sec));
if (!auth_alg || strcmp (auth_alg, "leap")) {
NMSetting *s_8021x;
s_8021x = nm_connection_get_setting (connection, NM_TYPE_SETTING_802_1X);
if (!s_8021x) {
error = g_error_new (NM_SETTINGS_INTERFACE_ERROR,
NM_SETTINGS_INTERFACE_ERROR_INVALID_CONNECTION,
"%s.%d (%s): requested setting '802-1x' didn't"
" exist in the connection.",
__FILE__, __LINE__, __func__);
goto done;
}
/* Add the 802.1x setting */
g_hash_table_insert (settings,
g_strdup (nm_setting_get_name (s_8021x)),
nm_setting_to_hash (s_8021x));
}
}
/* Add the 802-11-wireless-security setting no matter what */
g_hash_table_insert (settings,
g_strdup (nm_setting_get_name (s_wireless_sec)),
nm_setting_to_hash (s_wireless_sec));
info->callback ((NMSettingsConnectionInterface *) connection, settings, NULL, info->callback_data);
/* Save the connection back to GConf _after_ hashing it, because
* saving to GConf might trigger the GConf change notifiers, resulting
* in the connection being read back in from GConf which clears secrets.
*/
if (NM_IS_GCONF_CONNECTION (connection)) {
nm_settings_connection_interface_update (NM_SETTINGS_CONNECTION_INTERFACE (connection),
update_cb,
NULL);
}
done:
if (settings)
g_hash_table_destroy (settings);
if (error) {
g_warning ("%s", error->message);
info->callback (NM_SETTINGS_CONNECTION_INTERFACE (connection), NULL, error, info->callback_data);
g_error_free (error);
}
g_free (info);
if (connection)
nm_connection_clear_secrets (connection);
gtk_widget_destroy (GTK_WIDGET (dialog));
}
static void
finish_setup (CEPageWirelessSecurity *self, gpointer unused, GError *error, gpointer user_data)
{
CEPage *parent = CE_PAGE (self);
NMSettingWireless *s_wireless;
NMSettingWirelessSecurity *s_wireless_sec;
NMConnection *connection = parent->connection;
gboolean is_adhoc = FALSE;
GtkListStore *sec_model;
GtkTreeIter iter;
const char *mode;
const char *security;
guint32 dev_caps = 0;
NMUtilsSecurityType default_type = NMU_SEC_NONE;
int active = -1;
int item = 0;
const char *glade_file = GLADEDIR "/applet.glade";
GtkComboBox *combo;
if (error)
return;
s_wireless = NM_SETTING_WIRELESS (nm_connection_get_setting (connection, NM_TYPE_SETTING_WIRELESS));
g_assert (s_wireless);
combo = GTK_COMBO_BOX (glade_xml_get_widget (parent->xml, "wireless_security_combo"));
dev_caps = NM_WIFI_DEVICE_CAP_CIPHER_WEP40
| NM_WIFI_DEVICE_CAP_CIPHER_WEP104
| NM_WIFI_DEVICE_CAP_CIPHER_TKIP
| NM_WIFI_DEVICE_CAP_CIPHER_CCMP
| NM_WIFI_DEVICE_CAP_WPA
| NM_WIFI_DEVICE_CAP_RSN;
mode = nm_setting_wireless_get_mode (s_wireless);
if (mode && !strcmp (mode, "adhoc"))
is_adhoc = TRUE;
s_wireless_sec = NM_SETTING_WIRELESS_SECURITY (nm_connection_get_setting (connection,
NM_TYPE_SETTING_WIRELESS_SECURITY));
security = nm_setting_wireless_get_security (s_wireless);
if (!security || strcmp (security, NM_SETTING_WIRELESS_SECURITY_SETTING_NAME))
s_wireless_sec = NULL;
if (s_wireless_sec)
default_type = get_default_type_for_security (s_wireless_sec);
sec_model = gtk_list_store_new (2, G_TYPE_STRING, wireless_security_get_g_type ());
if (nm_utils_security_valid (NMU_SEC_NONE, dev_caps, FALSE, is_adhoc, 0, 0, 0)) {
gtk_list_store_append (sec_model, &iter);
gtk_list_store_set (sec_model, &iter,
S_NAME_COLUMN, _("None"),
-1);
if (default_type == NMU_SEC_NONE)
active = item;
item++;
}
if (nm_utils_security_valid (NMU_SEC_STATIC_WEP, dev_caps, FALSE, is_adhoc, 0, 0, 0)) {
WirelessSecurityWEPKey *ws_wep;
NMWepKeyType wep_type = NM_WEP_KEY_TYPE_KEY;
if (default_type == NMU_SEC_STATIC_WEP) {
NMSettingWirelessSecurity *s_wsec;
s_wsec = (NMSettingWirelessSecurity *) nm_connection_get_setting (connection, NM_TYPE_SETTING_WIRELESS_SECURITY);
if (s_wsec)
wep_type = nm_setting_wireless_security_get_wep_key_type (s_wsec);
if (wep_type == NM_WEP_KEY_TYPE_UNKNOWN)
wep_type = NM_WEP_KEY_TYPE_KEY;
}
ws_wep = ws_wep_key_new (glade_file, connection, NM_WEP_KEY_TYPE_KEY, FALSE, FALSE);
if (ws_wep) {
add_security_item (self, WIRELESS_SECURITY (ws_wep), sec_model,
&iter, _("WEP 40/128-bit Key"));
if ((active < 0) && (default_type == NMU_SEC_STATIC_WEP) && (wep_type == NM_WEP_KEY_TYPE_KEY))
active = item;
item++;
}
ws_wep = ws_wep_key_new (glade_file, connection, NM_WEP_KEY_TYPE_PASSPHRASE, FALSE, FALSE);
if (ws_wep) {
add_security_item (self, WIRELESS_SECURITY (ws_wep), sec_model,
&iter, _("WEP 128-bit Passphrase"));
if ((active < 0) && (default_type == NMU_SEC_STATIC_WEP) && (wep_type == NM_WEP_KEY_TYPE_PASSPHRASE))
active = item;
item++;
}
}
if (nm_utils_security_valid (NMU_SEC_LEAP, dev_caps, FALSE, is_adhoc, 0, 0, 0)) {
WirelessSecurityLEAP *ws_leap;
ws_leap = ws_leap_new (glade_file, connection);
if (ws_leap) {
add_security_item (self, WIRELESS_SECURITY (ws_leap), sec_model,
&iter, _("LEAP"));
if ((active < 0) && (default_type == NMU_SEC_LEAP))
active = item;
item++;
}
}
if (nm_utils_security_valid (NMU_SEC_DYNAMIC_WEP, dev_caps, FALSE, is_adhoc, 0, 0, 0)) {
WirelessSecurityDynamicWEP *ws_dynamic_wep;
ws_dynamic_wep = ws_dynamic_wep_new (glade_file, connection);
if (ws_dynamic_wep) {
add_security_item (self, WIRELESS_SECURITY (ws_dynamic_wep), sec_model,
&iter, _("Dynamic WEP (802.1x)"));
if ((active < 0) && (default_type == NMU_SEC_DYNAMIC_WEP))
active = item;
item++;
}
}
if ( nm_utils_security_valid (NMU_SEC_WPA_PSK, dev_caps, FALSE, is_adhoc, 0, 0, 0)
|| nm_utils_security_valid (NMU_SEC_WPA2_PSK, dev_caps, FALSE, is_adhoc, 0, 0, 0)) {
WirelessSecurityWPAPSK *ws_wpa_psk;
ws_wpa_psk = ws_wpa_psk_new (glade_file, connection);
if (ws_wpa_psk) {
add_security_item (self, WIRELESS_SECURITY (ws_wpa_psk), sec_model,
&iter, _("WPA & WPA2 Personal"));
if ((active < 0) && ((default_type == NMU_SEC_WPA_PSK) || (default_type == NMU_SEC_WPA2_PSK)))
active = item;
item++;
}
}
if ( nm_utils_security_valid (NMU_SEC_WPA_ENTERPRISE, dev_caps, FALSE, is_adhoc, 0, 0, 0)
|| nm_utils_security_valid (NMU_SEC_WPA2_ENTERPRISE, dev_caps, FALSE, is_adhoc, 0, 0, 0)) {
WirelessSecurityWPAEAP *ws_wpa_eap;
ws_wpa_eap = ws_wpa_eap_new (glade_file, connection);
if (ws_wpa_eap) {
add_security_item (self, WIRELESS_SECURITY (ws_wpa_eap), sec_model,
&iter, _("WPA & WPA2 Enterprise"));
if ((active < 0) && ((default_type == NMU_SEC_WPA_ENTERPRISE) || (default_type == NMU_SEC_WPA2_ENTERPRISE)))
active = item;
item++;
}
}
gtk_combo_box_set_model (combo, GTK_TREE_MODEL (sec_model));
gtk_combo_box_set_active (combo, active < 0 ? 0 : (guint32) active);
g_object_unref (G_OBJECT (sec_model));
self->security_combo = combo;
wireless_security_combo_changed (combo, self);
g_signal_connect (combo, "changed",
G_CALLBACK (wireless_security_combo_changed),
self);
}
static void
ip4_private_init (CEPageIP4 *self, NMConnection *connection)
{
CEPageIP4Private *priv = CE_PAGE_IP4_GET_PRIVATE (self);
GladeXML *xml;
GtkTreeIter iter;
NMSettingConnection *s_con;
const char *connection_type;
char *str_auto = NULL, *str_auto_only = NULL;
xml = CE_PAGE (self)->xml;
s_con = NM_SETTING_CONNECTION (nm_connection_get_setting (connection, NM_TYPE_SETTING_CONNECTION));
g_assert (s_con);
connection_type = nm_setting_connection_get_connection_type (s_con);
g_assert (connection_type);
priv->connection_type = nm_connection_lookup_setting_type (connection_type);
if (priv->connection_type == NM_TYPE_SETTING_VPN) {
str_auto = _("Automatic (VPN)");
str_auto_only = _("Automatic (VPN) addresses only");
} else if ( priv->connection_type == NM_TYPE_SETTING_GSM
|| priv->connection_type == NM_TYPE_SETTING_CDMA) {
str_auto = _("Automatic (PPP)");
str_auto_only = _("Automatic (PPP) addresses only");
} else if (priv->connection_type == NM_TYPE_SETTING_PPPOE) {
str_auto = _("Automatic (PPPoE)");
str_auto_only = _("Automatic (PPPoE) addresses only");
} else {
str_auto = _("Automatic (DHCP)");
str_auto_only = _("Automatic (DHCP) addresses only");
}
priv->method = GTK_COMBO_BOX (glade_xml_get_widget (xml, "ip4_method"));
priv->method_store = gtk_list_store_new (2, G_TYPE_STRING, G_TYPE_UINT);
gtk_list_store_append (priv->method_store, &iter);
gtk_list_store_set (priv->method_store, &iter,
METHOD_COL_NAME, str_auto,
METHOD_COL_NUM, IP4_METHOD_AUTO,
-1);
gtk_list_store_append (priv->method_store, &iter);
gtk_list_store_set (priv->method_store, &iter,
METHOD_COL_NAME, str_auto_only,
METHOD_COL_NUM, IP4_METHOD_AUTO_ADDRESSES,
-1);
/* Manual is pointless for Mobile Broadband */
if ( priv->connection_type != NM_TYPE_SETTING_GSM
&& priv->connection_type != NM_TYPE_SETTING_CDMA
&& priv->connection_type != NM_TYPE_SETTING_VPN) {
gtk_list_store_append (priv->method_store, &iter);
gtk_list_store_set (priv->method_store, &iter,
METHOD_COL_NAME, _("Manual"),
METHOD_COL_NUM, IP4_METHOD_MANUAL,
-1);
}
/* Link-local is pointless for VPNs, Mobile Broadband, and PPPoE */
if ( priv->connection_type != NM_TYPE_SETTING_VPN
&& priv->connection_type != NM_TYPE_SETTING_PPPOE
&& priv->connection_type != NM_TYPE_SETTING_GSM
&& priv->connection_type != NM_TYPE_SETTING_CDMA) {
gtk_list_store_append (priv->method_store, &iter);
gtk_list_store_set (priv->method_store, &iter,
METHOD_COL_NAME, _("Link-Local Only"),
METHOD_COL_NUM, IP4_METHOD_LINK_LOCAL,
-1);
gtk_list_store_append (priv->method_store, &iter);
gtk_list_store_set (priv->method_store, &iter,
METHOD_COL_NAME, _("Shared to other computers"),
METHOD_COL_NUM, IP4_METHOD_SHARED,
-1);
}
gtk_combo_box_set_model (priv->method, GTK_TREE_MODEL (priv->method_store));
priv->addr_label = glade_xml_get_widget (xml, "ip4_addr_label");
priv->addr_add = GTK_BUTTON (glade_xml_get_widget (xml, "ip4_addr_add_button"));
priv->addr_delete = GTK_BUTTON (glade_xml_get_widget (xml, "ip4_addr_delete_button"));
priv->addr_list = GTK_TREE_VIEW (glade_xml_get_widget (xml, "ip4_addresses"));
priv->dns_servers_label = glade_xml_get_widget (xml, "ip4_dns_servers_label");
priv->dns_servers = GTK_ENTRY (glade_xml_get_widget (xml, "ip4_dns_servers_entry"));
priv->dns_searches_label = glade_xml_get_widget (xml, "ip4_dns_searches_label");
priv->dns_searches = GTK_ENTRY (glade_xml_get_widget (xml, "ip4_dns_searches_entry"));
priv->dhcp_client_id_label = glade_xml_get_widget (xml, "ip4_dhcp_client_id_label");
priv->dhcp_client_id = GTK_ENTRY (glade_xml_get_widget (xml, "ip4_dhcp_client_id_entry"));
/* Hide DHCP stuff if it'll never be used for a particular method */
if ( priv->connection_type == NM_TYPE_SETTING_VPN
|| priv->connection_type == NM_TYPE_SETTING_GSM
|| priv->connection_type == NM_TYPE_SETTING_CDMA
|| priv->connection_type == NM_TYPE_SETTING_PPPOE) {
gtk_widget_hide (GTK_WIDGET (priv->dhcp_client_id_label));
gtk_widget_hide (GTK_WIDGET (priv->dhcp_client_id));
}
priv->routes_button = GTK_BUTTON (glade_xml_get_widget (xml, "ip4_routes_button"));
}
static NMConnection *
create_connection (NMConnectionItem *item)
{
NMConnection *connection;
NMDeviceWifi *device;
NMAccessPoint *ap;
NMSetting *s_con;
NMSetting *s_wireless;
NMSettingWirelessSecurity *s_wireless_sec;
NMSetting8021x *s_8021x = NULL;
const GByteArray *ap_ssid;
char *id;
char buf[33];
int buf_len;
NM80211Mode mode;
guint32 dev_caps;
gboolean supported = TRUE;
device = NM_DEVICE_WIFI (nm_device_item_get_device (NM_DEVICE_ITEM (item)));
ap = nm_wifi_item_get_ap (NM_WIFI_ITEM (item));
dev_caps = nm_device_wifi_get_capabilities (device);
s_wireless_sec = get_security_for_ap (ap, dev_caps, &supported, &s_8021x);
if (!supported)
return NULL;
if (NM_CONNECTION_ITEM_CLASS (nm_wifi_item_parent_class)->create_connection)
connection = NM_CONNECTION_ITEM_CLASS (nm_wifi_item_parent_class)->create_connection (item);
if (!connection)
return NULL;
s_wireless = nm_setting_wireless_new ();
ap_ssid = nm_access_point_get_ssid (ap);
g_object_set (s_wireless, NM_SETTING_WIRELESS_SSID, ap_ssid, NULL);
mode = nm_access_point_get_mode (ap);
if (mode == NM_802_11_MODE_ADHOC)
g_object_set (s_wireless, NM_SETTING_WIRELESS_MODE, "adhoc", NULL);
else if (mode == NM_802_11_MODE_INFRA)
g_object_set (s_wireless, NM_SETTING_WIRELESS_MODE, "infrastructure", NULL);
else
g_assert_not_reached ();
nm_connection_add_setting (connection, s_wireless);
if (s_wireless_sec) {
g_object_set (s_wireless, NM_SETTING_WIRELESS_SEC, NM_SETTING_WIRELESS_SECURITY_SETTING_NAME, NULL);
nm_connection_add_setting (connection, NM_SETTING (s_wireless_sec));
}
if (s_8021x)
nm_connection_add_setting (connection, NM_SETTING (s_8021x));
s_con = nm_connection_get_setting (connection, NM_TYPE_SETTING_CONNECTION);
g_object_set (s_con,
NM_SETTING_CONNECTION_TYPE, nm_setting_get_name (s_wireless),
NM_SETTING_CONNECTION_AUTOCONNECT, !is_manufacturer_default_ssid (ap_ssid),
NULL);
memset (buf, 0, sizeof (buf));
buf_len = MIN (ap_ssid->len, sizeof (buf) - 1);
memcpy (buf, ap_ssid->data, buf_len);
id = nm_utils_ssid_to_utf8 (buf, buf_len);
g_object_set (s_con, NM_SETTING_CONNECTION_ID, id, NULL);
g_free (id);
return connection;
}
static gboolean
init_plugin_ui (StrongswanPluginUiWidget *self, NMConnection *connection, GError **error)
{
StrongswanPluginUiWidgetPrivate *priv = STRONGSWAN_PLUGIN_UI_WIDGET_GET_PRIVATE (self);
NMSettingVPN *settings;
GtkWidget *widget;
const char *value;
settings = NM_SETTING_VPN(nm_connection_get_setting(connection, NM_TYPE_SETTING_VPN));
widget = GTK_WIDGET (gtk_builder_get_object (priv->builder, "address-entry"));
value = nm_setting_vpn_get_data_item (settings, "address");
if (value)
gtk_entry_set_text (GTK_ENTRY (widget), value);
g_signal_connect (G_OBJECT (widget), "changed", G_CALLBACK (settings_changed_cb), self);
widget = GTK_WIDGET (gtk_builder_get_object (priv->builder, "certificate-button"));
value = nm_setting_vpn_get_data_item (settings, "certificate");
if (value)
gtk_file_chooser_set_filename (GTK_FILE_CHOOSER (widget), value);
g_signal_connect (G_OBJECT (widget), "selection-changed", G_CALLBACK (settings_changed_cb), self);
widget = GTK_WIDGET (gtk_builder_get_object (priv->builder, "user-label"));
gtk_widget_set_no_show_all (widget, TRUE);
widget = GTK_WIDGET (gtk_builder_get_object (priv->builder, "user-entry"));
gtk_widget_set_no_show_all (widget, TRUE);
value = nm_setting_vpn_get_data_item (settings, "user");
if (value)
gtk_entry_set_text (GTK_ENTRY (widget), value);
g_signal_connect (G_OBJECT (widget), "changed", G_CALLBACK (settings_changed_cb), self);
widget = GTK_WIDGET (gtk_builder_get_object (priv->builder, "method-combo"));
gtk_combo_box_text_append_text (GTK_COMBO_BOX_TEXT (widget), _("Certificate/private key"));
gtk_combo_box_text_append_text (GTK_COMBO_BOX_TEXT (widget), _("Certificate/ssh-agent"));
gtk_combo_box_text_append_text (GTK_COMBO_BOX_TEXT (widget), _("Smartcard"));
gtk_combo_box_text_append_text (GTK_COMBO_BOX_TEXT (widget), _("EAP"));
gtk_combo_box_text_append_text (GTK_COMBO_BOX_TEXT (widget), _("Pre-shared key"));
value = nm_setting_vpn_get_data_item (settings, "method");
if (value) {
if (g_strcmp0 (value, "key") == 0) {
gtk_combo_box_set_active (GTK_COMBO_BOX (widget), 0);
}
if (g_strcmp0 (value, "agent") == 0) {
gtk_combo_box_set_active (GTK_COMBO_BOX (widget), 1);
}
if (g_strcmp0 (value, "smartcard") == 0) {
gtk_combo_box_set_active (GTK_COMBO_BOX (widget), 2);
}
if (g_strcmp0 (value, "eap") == 0) {
gtk_combo_box_set_active (GTK_COMBO_BOX (widget), 3);
}
if (g_strcmp0 (value, "psk") == 0) {
gtk_combo_box_set_active (GTK_COMBO_BOX (widget), 4);
}
}
if (gtk_combo_box_get_active (GTK_COMBO_BOX (widget)) == -1)
{
gtk_combo_box_set_active (GTK_COMBO_BOX (widget), 0);
}
update_layout (widget, priv);
g_signal_connect (G_OBJECT (widget), "changed", G_CALLBACK (settings_changed_cb), self);
widget = GTK_WIDGET (gtk_builder_get_object (priv->builder, "usercert-label"));
gtk_widget_set_no_show_all (widget, TRUE);
widget = GTK_WIDGET (gtk_builder_get_object (priv->builder, "usercert-button"));
gtk_widget_set_no_show_all (widget, TRUE);
value = nm_setting_vpn_get_data_item (settings, "usercert");
if (value)
gtk_file_chooser_set_filename (GTK_FILE_CHOOSER (widget), value);
g_signal_connect (G_OBJECT (widget), "selection-changed", G_CALLBACK (settings_changed_cb), self);
widget = GTK_WIDGET (gtk_builder_get_object (priv->builder, "userkey-label"));
gtk_widget_set_no_show_all (widget, TRUE);
widget = GTK_WIDGET (gtk_builder_get_object (priv->builder, "userkey-button"));
gtk_widget_set_no_show_all (widget, TRUE);
value = nm_setting_vpn_get_data_item (settings, "userkey");
if (value)
gtk_file_chooser_set_filename (GTK_FILE_CHOOSER (widget), value);
g_signal_connect (G_OBJECT (widget), "selection-changed", G_CALLBACK (settings_changed_cb), self);
widget = GTK_WIDGET (gtk_builder_get_object (priv->builder, "virtual-check"));
value = nm_setting_vpn_get_data_item (settings, "virtual");
if (value && strcmp(value, "yes") == 0)
{
gtk_toggle_button_set_active(GTK_TOGGLE_BUTTON(widget), TRUE);
}
g_signal_connect (G_OBJECT (widget), "toggled", G_CALLBACK (settings_changed_cb), self);
widget = GTK_WIDGET (gtk_builder_get_object (priv->builder, "encap-check"));
value = nm_setting_vpn_get_data_item (settings, "encap");
if (value && strcmp(value, "yes") == 0)
{
gtk_toggle_button_set_active(GTK_TOGGLE_BUTTON(widget), TRUE);
}
g_signal_connect (G_OBJECT (widget), "toggled", G_CALLBACK (settings_changed_cb), self);
widget = GTK_WIDGET (gtk_builder_get_object (priv->builder, "ipcomp-check"));
value = nm_setting_vpn_get_data_item (settings, "ipcomp");
if (value && strcmp(value, "yes") == 0)
{
gtk_toggle_button_set_active(GTK_TOGGLE_BUTTON(widget), TRUE);
}
g_signal_connect (G_OBJECT (widget), "toggled", G_CALLBACK (settings_changed_cb), self);
return TRUE;
}
static void
fill_connection (EAPMethod *parent, NMConnection *connection)
{
NMSetting8021x *s_8021x;
GtkWidget *widget;
const char *text;
char *filename;
EAPMethod *eap = NULL;
GtkTreeModel *model;
GtkTreeIter iter;
int peapver_active = 0;
s_8021x = NM_SETTING_802_1X (nm_connection_get_setting (connection, NM_TYPE_SETTING_802_1X));
g_assert (s_8021x);
nm_setting_802_1x_add_eap_method (s_8021x, "peap");
widget = glade_xml_get_widget (parent->xml, "eap_peap_anon_identity_entry");
g_assert (widget);
text = gtk_entry_get_text (GTK_ENTRY (widget));
if (text && strlen (text))
g_object_set (s_8021x, NM_SETTING_802_1X_ANONYMOUS_IDENTITY, text, NULL);
widget = glade_xml_get_widget (parent->xml, "eap_peap_ca_cert_button");
g_assert (widget);
filename = gtk_file_chooser_get_filename (GTK_FILE_CHOOSER (widget));
if (filename) {
g_object_set_data_full (G_OBJECT (connection),
NMA_PATH_CA_CERT_TAG, g_strdup (filename),
(GDestroyNotify) g_free);
g_free (filename);
} else {
g_object_set_data (G_OBJECT (connection), NMA_PATH_CA_CERT_TAG, NULL);
}
if (eap_method_get_ignore_ca_cert (parent))
g_object_set_data (G_OBJECT (connection), NMA_CA_CERT_IGNORE_TAG, GUINT_TO_POINTER (TRUE));
else
g_object_set_data (G_OBJECT (connection), NMA_CA_CERT_IGNORE_TAG, NULL);
widget = glade_xml_get_widget (parent->xml, "eap_peap_version_combo");
peapver_active = gtk_combo_box_get_active (GTK_COMBO_BOX (widget));
switch (peapver_active) {
case 1: /* PEAP v0 */
g_object_set (G_OBJECT (s_8021x), NM_SETTING_802_1X_PHASE1_PEAPVER, "0", NULL);
break;
case 2: /* PEAP v1 */
g_object_set (G_OBJECT (s_8021x), NM_SETTING_802_1X_PHASE1_PEAPVER, "1", NULL);
break;
default: /* Automatic */
g_object_set (G_OBJECT (s_8021x), NM_SETTING_802_1X_PHASE1_PEAPVER, NULL, NULL);
break;
}
widget = glade_xml_get_widget (parent->xml, "eap_peap_inner_auth_combo");
model = gtk_combo_box_get_model (GTK_COMBO_BOX (widget));
gtk_combo_box_get_active_iter (GTK_COMBO_BOX (widget), &iter);
gtk_tree_model_get (model, &iter, I_METHOD_COLUMN, &eap, -1);
g_assert (eap);
eap_method_fill_connection (eap, connection);
eap_method_unref (eap);
}
static void
SCPluginIfupdown_init (NMSystemConfigInterface *config)
{
SCPluginIfupdown *self = SC_PLUGIN_IFUPDOWN (config);
SCPluginIfupdownPrivate *priv = SC_PLUGIN_IFUPDOWN_GET_PRIVATE (self);
GHashTable *auto_ifaces;
if_block *block = NULL;
NMInotifyHelper *inotify_helper;
GKeyFile* keyfile;
GError *error = NULL;
GList *keys, *iter;
const char *subsys[2] = { "net", NULL };
auto_ifaces = g_hash_table_new (g_str_hash, g_str_equal);
if(!priv->iface_connections)
priv->iface_connections = g_hash_table_new (g_str_hash, g_str_equal);
if(!priv->well_known_ifaces)
priv->well_known_ifaces = g_hash_table_new_full (g_str_hash, g_str_equal, g_free, g_object_unref);
if(!priv->well_known_interfaces)
priv->well_known_interfaces = g_hash_table_new (g_str_hash, g_str_equal);
PLUGIN_PRINT("SCPlugin-Ifupdown", "init!");
priv->client = g_udev_client_new (subsys);
if (!priv->client) {
PLUGIN_WARN ("SCPlugin-Ifupdown", " error initializing libgudev");
} else
g_signal_connect (priv->client, "uevent", G_CALLBACK (handle_uevent), self);
priv->unmanage_well_known = IFUPDOWN_UNMANAGE_WELL_KNOWN_DEFAULT;
inotify_helper = nm_inotify_helper_get ();
priv->inotify_event_id = g_signal_connect (inotify_helper,
"event",
G_CALLBACK (update_system_hostname),
config);
priv->inotify_system_hostname_wd =
nm_inotify_helper_add_watch (inotify_helper, IFUPDOWN_SYSTEM_HOSTNAME_FILE);
update_system_hostname (inotify_helper, NULL, NULL, config);
/* Read in all the interfaces */
ifparser_init (ENI_INTERFACES_FILE, 0);
block = ifparser_getfirst ();
while (block) {
if(!strcmp ("auto", block->type) || !strcmp ("allow-hotplug", block->type))
g_hash_table_insert (auto_ifaces, block->name, GUINT_TO_POINTER (1));
else if (!strcmp ("iface", block->type)) {
NMIfupdownConnection *exported;
/* Bridge configuration */
if(!strncmp ("br", block->name, 2)) {
/* Try to find bridge ports */
const char *ports = ifparser_getkey (block, "bridge-ports");
if (ports) {
int i;
int state = 0;
char **port_ifaces;
PLUGIN_PRINT("SCPlugin-Ifupdown", "found bridge ports %s for %s", ports, block->name);
port_ifaces = g_strsplit_set (ports, " \t", -1);
for (i = 0; i < g_strv_length (port_ifaces); i++) {
char *token = port_ifaces[i];
/* Skip crazy stuff like regex or all */
if (!strcmp ("all", token)) {
continue;
}
/* Small SM to skip everything inside regex */
if (!strcmp ("regex", token)) {
state++;
continue;
}
if (!strcmp ("noregex", token)) {
state--;
continue;
}
if (state == 0 && strlen (token) > 0) {
PLUGIN_PRINT("SCPlugin-Ifupdown", "adding bridge port %s to well_known_interfaces", token);
g_hash_table_insert (priv->well_known_interfaces, g_strdup (token), "known");
}
}
g_strfreev (port_ifaces);
}
goto next;
}
/* Skip loopback configuration */
if(!strcmp ("lo", block->name)) {
goto next;
}
/* Remove any connection for this block that was previously found */
exported = g_hash_table_lookup (priv->iface_connections, block->name);
if (exported) {
PLUGIN_PRINT("SCPlugin-Ifupdown", "deleting %s from iface_connections", block->name);
nm_settings_connection_delete (NM_SETTINGS_CONNECTION (exported), ignore_cb, NULL);
g_hash_table_remove (priv->iface_connections, block->name);
}
/* add the new connection */
exported = nm_ifupdown_connection_new (block);
if (exported) {
PLUGIN_PRINT("SCPlugin-Ifupdown", "adding %s to iface_connections", block->name);
g_hash_table_insert (priv->iface_connections, block->name, exported);
}
PLUGIN_PRINT("SCPlugin-Ifupdown", "adding iface %s to well_known_interfaces", block->name);
g_hash_table_insert (priv->well_known_interfaces, block->name, "known");
} else if (!strcmp ("mapping", block->type)) {
g_hash_table_insert (priv->well_known_interfaces, block->name, "known");
PLUGIN_PRINT("SCPlugin-Ifupdown", "adding mapping %s to well_known_interfaces", block->name);
}
next:
block = block->next;
}
/* Make 'auto' interfaces autoconnect=TRUE */
keys = g_hash_table_get_keys (priv->iface_connections);
for (iter = keys; iter; iter = g_list_next (iter)) {
NMIfupdownConnection *exported;
NMSetting *setting;
if (!g_hash_table_lookup (auto_ifaces, iter->data))
continue;
exported = g_hash_table_lookup (priv->iface_connections, iter->data);
setting = NM_SETTING (nm_connection_get_setting (NM_CONNECTION (exported), NM_TYPE_SETTING_CONNECTION));
g_object_set (setting, NM_SETTING_CONNECTION_AUTOCONNECT, TRUE, NULL);
nm_settings_connection_commit_changes (NM_SETTINGS_CONNECTION (exported), ignore_cb, NULL);
PLUGIN_PRINT("SCPlugin-Ifupdown", "autoconnect");
}
g_list_free (keys);
g_hash_table_destroy (auto_ifaces);
/* Find the config file */
if (g_file_test (IFUPDOWN_SYSTEM_SETTINGS_KEY_FILE, G_FILE_TEST_EXISTS))
priv->conf_file = IFUPDOWN_SYSTEM_SETTINGS_KEY_FILE;
else
priv->conf_file = IFUPDOWN_OLD_SYSTEM_SETTINGS_KEY_FILE;
keyfile = g_key_file_new ();
if (!g_key_file_load_from_file (keyfile,
priv->conf_file,
G_KEY_FILE_NONE,
&error)) {
nm_log_info (LOGD_SETTINGS, "loading system config file (%s) caused error: (%d) %s",
priv->conf_file,
error ? error->code : -1,
error && error->message ? error->message : "(unknown)");
} else {
gboolean manage_well_known;
error = NULL;
manage_well_known = g_key_file_get_boolean (keyfile,
IFUPDOWN_KEY_FILE_GROUP,
IFUPDOWN_KEY_FILE_KEY_MANAGED,
&error);
if (error) {
nm_log_info (LOGD_SETTINGS, "getting keyfile key '%s' in group '%s' failed: (%d) %s",
IFUPDOWN_KEY_FILE_GROUP,
IFUPDOWN_KEY_FILE_KEY_MANAGED,
error ? error->code : -1,
error && error->message ? error->message : "(unknown)");
} else
priv->unmanage_well_known = !manage_well_known;
}
PLUGIN_PRINT ("SCPluginIfupdown", "management mode: %s", priv->unmanage_well_known ? "unmanaged" : "managed");
if (keyfile)
g_key_file_free (keyfile);
/* Add well-known interfaces */
keys = g_udev_client_query_by_subsystem (priv->client, "net");
for (iter = keys; iter; iter = g_list_next (iter)) {
udev_device_added (self, G_UDEV_DEVICE (iter->data));
g_object_unref (G_UDEV_DEVICE (iter->data));
}
g_list_free (keys);
/* Now if we're running in managed mode, let NM know there are new connections */
if (!priv->unmanage_well_known) {
GList *con_list = g_hash_table_get_values (priv->iface_connections);
GList *cl_iter;
for (cl_iter = con_list; cl_iter; cl_iter = g_list_next (cl_iter)) {
g_signal_emit_by_name (self,
NM_SYSTEM_CONFIG_INTERFACE_CONNECTION_ADDED,
NM_SETTINGS_CONNECTION (cl_iter->data));
}
g_list_free (con_list);
}
PLUGIN_PRINT("SCPlugin-Ifupdown", "end _init.");
}
NMAccessPoint *
nm_ap_new_fake_from_connection (NMConnection *connection)
{
NMAccessPoint *ap;
NMSettingWireless *s_wireless;
NMSettingWirelessSecurity *s_wireless_sec;
const GByteArray *ssid;
const char *mode, *band, *key_mgmt;
guint32 channel, flags;
gboolean psk = FALSE, eap = FALSE;
g_return_val_if_fail (connection != NULL, NULL);
s_wireless = NM_SETTING_WIRELESS (nm_connection_get_setting (connection, NM_TYPE_SETTING_WIRELESS));
g_return_val_if_fail (s_wireless != NULL, NULL);
ssid = nm_setting_wireless_get_ssid (s_wireless);
g_return_val_if_fail (ssid != NULL, NULL);
g_return_val_if_fail (ssid->len > 0, NULL);
ap = nm_ap_new ();
nm_ap_set_fake (ap, TRUE);
nm_ap_set_ssid (ap, ssid);
// FIXME: bssid too?
mode = nm_setting_wireless_get_mode (s_wireless);
if (mode) {
if (!strcmp (mode, "infrastructure"))
nm_ap_set_mode (ap, NM_802_11_MODE_INFRA);
else if (!strcmp (mode, "adhoc"))
nm_ap_set_mode (ap, NM_802_11_MODE_ADHOC);
else
goto error;
} else {
nm_ap_set_mode (ap, NM_802_11_MODE_INFRA);
}
band = nm_setting_wireless_get_band (s_wireless);
channel = nm_setting_wireless_get_channel (s_wireless);
if (band && channel) {
guint32 freq = channel_to_freq (channel, band);
if (freq == 0)
goto error;
nm_ap_set_freq (ap, freq);
}
s_wireless_sec = (NMSettingWirelessSecurity *) nm_connection_get_setting (connection, NM_TYPE_SETTING_WIRELESS_SECURITY);
/* Assume presence of a security setting means the AP is encrypted */
if (!s_wireless_sec)
goto done;
key_mgmt = nm_setting_wireless_security_get_key_mgmt (s_wireless_sec);
/* Everything below here uses encryption */
nm_ap_set_flags (ap, nm_ap_get_flags (ap) | NM_802_11_AP_FLAGS_PRIVACY);
/* Static & Dynamic WEP */
if (!strcmp (key_mgmt, "none") || !strcmp (key_mgmt, "ieee8021x"))
goto done;
psk = !strcmp (key_mgmt, "wpa-psk");
eap = !strcmp (key_mgmt, "wpa-eap");
if (psk || eap) {
if (has_proto (s_wireless_sec, PROTO_WPA)) {
flags = nm_ap_get_wpa_flags (ap);
flags |= eap ? NM_802_11_AP_SEC_KEY_MGMT_802_1X : NM_802_11_AP_SEC_KEY_MGMT_PSK;
nm_ap_set_wpa_flags (ap, flags);
}
if (has_proto (s_wireless_sec, PROTO_RSN)) {
flags = nm_ap_get_rsn_flags (ap);
flags |= eap ? NM_802_11_AP_SEC_KEY_MGMT_802_1X : NM_802_11_AP_SEC_KEY_MGMT_PSK;
nm_ap_set_rsn_flags (ap, flags);
}
add_pair_ciphers (ap, s_wireless_sec);
add_group_ciphers (ap, s_wireless_sec);
} else if (!strcmp (key_mgmt, "wpa-none")) {
guint32 i;
/* Ad-Hoc has special requirements: proto=WPA, pairwise=(none), and
* group=TKIP/CCMP (but not both).
*/
flags = nm_ap_get_wpa_flags (ap);
flags |= NM_802_11_AP_SEC_KEY_MGMT_PSK;
/* Clear ciphers; pairwise must be unset anyway, and group gets set below */
flags &= ~( NM_802_11_AP_SEC_PAIR_WEP40
| NM_802_11_AP_SEC_PAIR_WEP104
| NM_802_11_AP_SEC_PAIR_TKIP
| NM_802_11_AP_SEC_PAIR_CCMP
| NM_802_11_AP_SEC_GROUP_WEP40
| NM_802_11_AP_SEC_GROUP_WEP104
| NM_802_11_AP_SEC_GROUP_TKIP
| NM_802_11_AP_SEC_GROUP_CCMP);
for (i = 0; i < nm_setting_wireless_security_get_num_groups (s_wireless_sec); i++) {
if (!strcmp (nm_setting_wireless_security_get_group (s_wireless_sec, i), "ccmp")) {
flags |= NM_802_11_AP_SEC_GROUP_CCMP;
break;
}
}
/* Default to TKIP since not all WPA-capable cards can do CCMP */
if (!(flags & NM_802_11_AP_SEC_GROUP_CCMP))
flags |= NM_802_11_AP_SEC_GROUP_TKIP;
nm_ap_set_wpa_flags (ap, flags);
/* Don't use Ad-Hoc RSN yet */
nm_ap_set_rsn_flags (ap, NM_802_11_AP_SEC_NONE);
}
done:
return ap;
error:
g_object_unref (ap);
return NULL;
}
NMVPNConnection *
nm_vpn_manager_activate_connection (NMVPNManager *manager,
NMConnection *connection,
NMDevice *device,
const char *specific_object,
gboolean user_requested,
gulong user_uid,
GError **error)
{
NMSettingVPN *vpn_setting;
NMVPNService *service;
NMVPNConnection *vpn = NULL;
const char *service_name;
g_return_val_if_fail (NM_IS_VPN_MANAGER (manager), NULL);
g_return_val_if_fail (NM_IS_CONNECTION (connection), NULL);
g_return_val_if_fail (NM_IS_DEVICE (device), NULL);
g_return_val_if_fail (error != NULL, NULL);
g_return_val_if_fail (*error == NULL, NULL);
if (nm_device_get_state (device) != NM_DEVICE_STATE_ACTIVATED) {
g_set_error (error,
NM_VPN_MANAGER_ERROR, NM_VPN_MANAGER_ERROR_DEVICE_NOT_ACTIVE,
"%s", "The base device for the VPN connection was not active.");
return NULL;
}
vpn_setting = (NMSettingVPN *) nm_connection_get_setting (connection, NM_TYPE_SETTING_VPN);
if (!vpn_setting) {
g_set_error (error,
NM_VPN_MANAGER_ERROR, NM_VPN_MANAGER_ERROR_CONNECTION_INVALID,
"%s", "The connection was not a VPN connection.");
return NULL;
}
vpn = find_active_vpn_connection_by_connection (manager, connection);
if (vpn) {
nm_vpn_connection_disconnect (vpn, NM_VPN_CONNECTION_STATE_REASON_USER_DISCONNECTED);
vpn = NULL;
}
service_name = nm_setting_vpn_get_service_type (vpn_setting);
g_assert (service_name);
service = g_hash_table_lookup (NM_VPN_MANAGER_GET_PRIVATE (manager)->services, service_name);
if (!service) {
g_set_error (error,
NM_VPN_MANAGER_ERROR, NM_VPN_MANAGER_ERROR_SERVICE_INVALID,
"The VPN service '%s' was not installed.",
service_name);
return NULL;
}
vpn = nm_vpn_service_activate (service, connection, device, specific_object, user_requested, user_uid, error);
if (vpn) {
g_signal_connect (vpn, "vpn-state-changed",
G_CALLBACK (connection_vpn_state_changed),
manager);
}
return vpn;
}