static NMActStageReturn
act_stage1_prepare (NMModem *modem,
NMActRequest *req,
GPtrArray **out_hints,
const char **out_setting_name,
NMDeviceStateReason *reason)
{
NMModemGsm *self = NM_MODEM_GSM (modem);
NMModemGsmPrivate *priv = NM_MODEM_GSM_GET_PRIVATE (self);
NMConnection *connection;
connection = nm_act_request_get_connection (req);
g_assert (connection);
*out_setting_name = nm_connection_need_secrets (connection, out_hints);
if (!*out_setting_name) {
gboolean enabled = nm_modem_get_mm_enabled (modem);
if (priv->connect_properties)
g_hash_table_destroy (priv->connect_properties);
priv->connect_properties = create_connect_properties (connection);
if (enabled)
do_connect (self);
else
do_enable (self);
} else {
/* NMModem will handle requesting secrets... */
}
return NM_ACT_STAGE_RETURN_POSTPONE;
}
static NMActStageReturn
real_act_stage1_prepare (NMDevice *device, NMDeviceStateReason *reason)
{
NMActRequest *req;
NMConnection *connection;
const char *setting_name;
GPtrArray *hints = NULL;
const char *hint1 = NULL, *hint2 = NULL;
guint32 tries;
req = nm_device_get_act_request (device);
g_assert (req);
connection = nm_act_request_get_connection (req);
g_assert (connection);
setting_name = nm_connection_need_secrets (connection, &hints);
if (!setting_name) {
GHashTable *properties;
properties = create_connect_properties (connection);
dbus_g_proxy_begin_call_with_timeout (nm_modem_get_proxy (NM_MODEM (device), MM_DBUS_INTERFACE_MODEM_SIMPLE),
"Connect", stage1_prepare_done,
device, NULL, 120000,
DBUS_TYPE_G_MAP_OF_VARIANT, properties,
G_TYPE_INVALID);
return NM_ACT_STAGE_RETURN_POSTPONE;
}
if (hints) {
if (hints->len > 0)
hint1 = g_ptr_array_index (hints, 0);
if (hints->len > 1)
hint2 = g_ptr_array_index (hints, 1);
}
nm_device_state_changed (device, NM_DEVICE_STATE_NEED_AUTH, NM_DEVICE_STATE_REASON_NONE);
tries = GPOINTER_TO_UINT (g_object_get_data (G_OBJECT (connection), GSM_SECRETS_TRIES));
nm_act_request_get_secrets (req,
setting_name,
tries ? TRUE : FALSE,
SECRETS_CALLER_GSM,
hint1,
hint2);
g_object_set_data (G_OBJECT (connection), GSM_SECRETS_TRIES, GUINT_TO_POINTER (++tries));
if (hints)
g_ptr_array_free (hints, TRUE);
return NM_ACT_STAGE_RETURN_POSTPONE;
}
static void
impl_ppp_manager_need_secrets (NMPPPManager *manager,
DBusGMethodInvocation *context)
{
NMPPPManagerPrivate *priv = NM_PPP_MANAGER_GET_PRIVATE (manager);
NMConnection *connection;
const char *setting_name;
const char *username = NULL;
const char *password = NULL;
guint32 tries;
GPtrArray *hints = NULL;
GError *error = NULL;
NMSettingsGetSecretsFlags flags = NM_SETTINGS_GET_SECRETS_FLAG_ALLOW_INTERACTION;
connection = nm_act_request_get_connection (priv->act_req);
nm_connection_clear_secrets (connection);
setting_name = nm_connection_need_secrets (connection, &hints);
if (!setting_name) {
/* Use existing secrets from the connection */
if (extract_details_from_connection (connection, &username, &password, &error)) {
/* Send existing secrets to the PPP plugin */
priv->pending_secrets_context = context;
ppp_secrets_cb (priv->act_req, priv->secrets_id, connection, NULL, manager);
} else {
nm_log_warn (LOGD_PPP, "%s", error->message);
dbus_g_method_return_error (priv->pending_secrets_context, error);
g_clear_error (&error);
}
return;
}
/* Only ask for completely new secrets after retrying them once; some devices
* appear to ask a few times when they actually don't even care what you
* pass back.
*/
tries = GPOINTER_TO_UINT (g_object_get_data (G_OBJECT (connection), PPP_MANAGER_SECRET_TRIES));
if (tries > 1)
flags |= NM_SETTINGS_GET_SECRETS_FLAG_REQUEST_NEW;
priv->secrets_id = nm_act_request_get_secrets (priv->act_req,
setting_name,
flags,
hints ? g_ptr_array_index (hints, 0) : NULL,
ppp_secrets_cb,
manager);
g_object_set_data (G_OBJECT (connection), PPP_MANAGER_SECRET_TRIES, GUINT_TO_POINTER (++tries));
priv->pending_secrets_context = context;
if (hints)
g_ptr_array_free (hints, TRUE);
}
NMActStageReturn
nm_modem_act_stage1_prepare (NMModem *self,
NMActRequest *req,
NMDeviceStateReason *reason)
{
NMModemPrivate *priv = NM_MODEM_GET_PRIVATE (self);
NMActStageReturn ret;
GPtrArray *hints = NULL;
const char *setting_name = NULL;
NMSecretAgentGetSecretsFlags flags = NM_SECRET_AGENT_GET_SECRETS_FLAG_ALLOW_INTERACTION;
NMConnection *connection;
if (priv->act_request)
g_object_unref (priv->act_request);
priv->act_request = g_object_ref (req);
connection = nm_act_request_get_connection (req);
g_assert (connection);
setting_name = nm_connection_need_secrets (connection, &hints);
if (!setting_name) {
/* Ready to connect */
g_assert (!hints);
return NM_MODEM_GET_CLASS (self)->act_stage1_prepare (self, connection, reason);
}
/* Secrets required... */
if (priv->secrets_tries++)
flags |= NM_SECRET_AGENT_GET_SECRETS_FLAG_REQUEST_NEW;
priv->secrets_id = nm_act_request_get_secrets (req,
setting_name,
flags,
hints ? g_ptr_array_index (hints, 0) : NULL,
modem_secrets_cb,
self);
if (priv->secrets_id) {
g_signal_emit (self, signals[AUTH_REQUESTED], 0);
ret = NM_ACT_STAGE_RETURN_POSTPONE;
} else {
*reason = NM_DEVICE_STATE_REASON_NO_SECRETS;
ret = NM_ACT_STAGE_RETURN_FAILURE;
}
if (hints)
g_ptr_array_free (hints, TRUE);
return ret;
}
static void
test_need_tls_phase2_secrets_blob (void)
{
NMConnection *connection;
const char *setting_name;
GPtrArray *hints = NULL;
NMSetting8021x *s_8021x;
connection = make_tls_phase2_connection ("need-tls-phase2-secrets-blob-key",
NM_SETTING_802_1X_CK_SCHEME_BLOB);
ASSERT (connection != NULL,
"need-tls-phase2-secrets-blob-key",
"error creating test connection");
/* Ensure we don't need any secrets since we just set up the connection */
setting_name = nm_connection_need_secrets (connection, &hints);
ASSERT (setting_name == NULL,
"need-tls-phase2-secrets-blob-key",
"secrets are unexpectedly required");
ASSERT (hints == NULL,
"need-tls-phase2-secrets-blob-key",
"hints should be NULL since no secrets were required");
/* Connection is good; clear secrets and ensure private key is then required */
nm_connection_clear_secrets (connection);
hints = NULL;
setting_name = nm_connection_need_secrets (connection, &hints);
ASSERT (setting_name != NULL,
"need-tls-phase2-secrets-blob-key",
"unexpected secrets success");
ASSERT (strcmp (setting_name, NM_SETTING_802_1X_SETTING_NAME) == 0,
"need-tls-phase2-secrets-blob-key",
"unexpected setting secrets required");
ASSERT (hints != NULL,
"need-tls-phase2-secrets-blob-key",
"expected returned secrets hints");
ASSERT (find_hints_item (hints, NM_SETTING_802_1X_PHASE2_PRIVATE_KEY),
"need-tls-phase2-secrets-blob-key",
"expected to require private key, but it wasn't");
g_object_unref (connection);
/*** Just clear the private key this time ***/
connection = make_tls_phase2_connection ("need-tls-phase2-secrets-blob-key-password",
NM_SETTING_802_1X_CK_SCHEME_BLOB);
ASSERT (connection != NULL,
"need-tls-phase2-secrets-blob-key-password",
"error creating test connection");
s_8021x = (NMSetting8021x *) nm_connection_get_setting (connection, NM_TYPE_SETTING_802_1X);
ASSERT (s_8021x != NULL,
"need-tls-phase2-secrets-blob-key-password",
"error getting test 802.1x setting");
g_object_set (G_OBJECT (s_8021x), NM_SETTING_802_1X_PHASE2_PRIVATE_KEY_PASSWORD, NULL, NULL);
/* Blobs are already decrypted and don't need a password */
hints = NULL;
setting_name = nm_connection_need_secrets (connection, &hints);
ASSERT (setting_name == NULL,
"need-tls-phase2-secrets-blob-key-password",
"unexpected secrets failure");
ASSERT (hints == NULL,
"need-tls-phase2-secrets-blob-key-password",
"hints should be NULL since no secrets were required");
g_object_unref (connection);
}
