static gboolean impl_vpn_plugin_need_secrets (NMVPNPlugin *plugin, GHashTable *properties, char **setting_name, GError **err) { gboolean ret = FALSE; NMConnection *connection; char *sn = NULL; GError *ns_err = NULL; gboolean needed = FALSE; GError *cnfh_err = NULL; g_return_val_if_fail (NM_IS_VPN_PLUGIN (plugin), FALSE); g_return_val_if_fail (properties != NULL, FALSE); connection = nm_connection_new_from_hash (properties, &cnfh_err); if (!connection) { g_set_error (err, NM_VPN_PLUGIN_ERROR, NM_VPN_PLUGIN_ERROR_CONNECTION_INVALID, "The connection was invalid: '%s' / '%s' invalid: %d.", g_type_name (nm_connection_lookup_setting_type_by_quark (cnfh_err->domain)), cnfh_err->message, cnfh_err->code); g_error_free (cnfh_err); return FALSE; } if (!NM_VPN_PLUGIN_GET_CLASS (plugin)->need_secrets) { *setting_name = ""; ret = TRUE; goto out; } needed = NM_VPN_PLUGIN_GET_CLASS (plugin)->need_secrets (plugin, connection, &sn, &ns_err); if (ns_err) { *err = g_error_copy (ns_err); g_error_free (ns_err); goto out; } ret = TRUE; if (needed) { /* Push back the quit timer so the VPN plugin doesn't quit in the * middle of asking the user for secrets. */ schedule_quit_timer (plugin); g_assert (sn); *setting_name = g_strdup (sn); } else { /* No secrets required */ *setting_name = g_strdup (""); } out: return ret; }
static void get_one_connection (DBusGConnection *bus, const char *path, NMConnectionScope scope, GHashTable *table) { DBusGProxy *proxy; NMConnection *connection = NULL; const char *service; GError *error = NULL; GHashTable *settings = NULL; g_return_if_fail (bus != NULL); g_return_if_fail (path != NULL); g_return_if_fail (table != NULL); service = (scope == NM_CONNECTION_SCOPE_SYSTEM) ? NM_DBUS_SERVICE_SYSTEM_SETTINGS : NM_DBUS_SERVICE_USER_SETTINGS; proxy = dbus_g_proxy_new_for_name (bus, service, path, NM_DBUS_IFACE_SETTINGS_CONNECTION); if (!proxy) return; if (!dbus_g_proxy_call (proxy, "GetSettings", &error, G_TYPE_INVALID, DBUS_TYPE_G_MAP_OF_MAP_OF_VARIANT, &settings, G_TYPE_INVALID)) { nm_warning ("error: cannot retrieve connection: %s", error ? error->message : "(unknown)"); goto out; } connection = nm_connection_new_from_hash (settings, &error); g_hash_table_destroy (settings); if (!connection) { nm_warning ("error: invalid connection: '%s' / '%s' invalid: %d", error ? g_type_name (nm_connection_lookup_setting_type_by_quark (error->domain)) : "(unknown)", error ? error->message : "(unknown)", error ? error->code : -1); goto out; } nm_connection_set_scope (connection, scope); nm_connection_set_path (connection, path); g_hash_table_insert (table, g_strdup (path), g_object_ref (connection)); out: g_clear_error (&error); if (connection) g_object_unref (connection); g_object_unref (proxy); }
static void update_connection_settings_commit_cb (NMSettingsConnection *orig, GError *error, gpointer user_data) { if (error) { g_warning ("%s: '%s' / '%s' invalid: %d", __func__, error ? g_type_name (nm_connection_lookup_setting_type_by_quark (error->domain)) : "(none)", (error && error->message) ? error->message : "(none)", error ? error->code : -1); g_clear_error (&error); nm_settings_connection_signal_remove (orig); } }
static gboolean impl_vpn_plugin_connect (NMVPNPlugin *plugin, GHashTable *properties, GError **error) { NMConnection *connection; gboolean success = FALSE; connection = nm_connection_new_from_hash (properties, error); if (!connection) { g_warning ("%s: Invalid connection: '%s' / '%s' invalid: %d", __func__, g_type_name (nm_connection_lookup_setting_type_by_quark ((*error)->domain)), (*error)->message, (*error)->code); } else { success = nm_vpn_plugin_connect (plugin, connection, error); g_object_unref (connection); } return success; }
NMConnection * nm_keyfile_plugin_connection_from_file (const char *filename, GError **error) { GKeyFile *key_file; struct stat statbuf; gboolean bad_owner, bad_permissions; NMConnection *connection = NULL; NMSettingConnection *s_con; NMSetting *setting; gchar **groups; gsize length; int i; gboolean vpn_secrets = FALSE; const char *ctype; GError *verify_error = NULL; if (stat (filename, &statbuf) != 0 || !S_ISREG (statbuf.st_mode)) { g_set_error_literal (error, KEYFILE_PLUGIN_ERROR, 0, "File did not exist or was not a regular file"); return NULL; } bad_owner = getuid () != statbuf.st_uid; bad_permissions = statbuf.st_mode & 0077; if (bad_owner || bad_permissions) { g_set_error (error, KEYFILE_PLUGIN_ERROR, 0, "File permissions (%o) or owner (%d) were insecure", statbuf.st_mode, statbuf.st_uid); return NULL; } key_file = g_key_file_new (); if (!g_key_file_load_from_file (key_file, filename, G_KEY_FILE_NONE, error)) goto out; connection = nm_connection_new (); groups = g_key_file_get_groups (key_file, &length); for (i = 0; i < length; i++) { /* Only read out secrets when needed */ if (!strcmp (groups[i], VPN_SECRETS_GROUP)) { vpn_secrets = TRUE; continue; } setting = read_setting (key_file, filename, groups[i]); if (setting) nm_connection_add_setting (connection, setting); } /* Make sure that we have the base device type setting even if * the keyfile didn't include it, which can happen when the base * device type setting is all default values (like ethernet). */ s_con = nm_connection_get_setting_connection (connection); if (s_con) { ctype = nm_setting_connection_get_connection_type (s_con); setting = nm_connection_get_setting_by_name (connection, ctype); if (ctype) { if (!setting && !strcmp (ctype, NM_SETTING_WIRED_SETTING_NAME)) nm_connection_add_setting (connection, nm_setting_wired_new ()); } } /* Handle vpn secrets after the 'vpn' setting was read */ if (vpn_secrets) { NMSettingVPN *s_vpn; s_vpn = nm_connection_get_setting_vpn (connection); if (s_vpn) read_vpn_secrets (key_file, s_vpn); } g_strfreev (groups); /* Verify the connection */ if (!nm_connection_verify (connection, &verify_error)) { g_set_error (error, KEYFILE_PLUGIN_ERROR, 0, "invalid or missing connection property '%s/%s'", verify_error ? g_type_name (nm_connection_lookup_setting_type_by_quark (verify_error->domain)) : "(unknown)", (verify_error && verify_error->message) ? verify_error->message : "(unknown)"); g_clear_error (&verify_error); g_object_unref (connection); connection = NULL; g_warning ("Connection failed to verify: %s", verify_error ? g_type_name (nm_connection_lookup_setting_type_by_quark (verify_error->domain)) : "(unknown)"); } out: g_key_file_free (key_file); return connection; }