static NMActStageReturn act_stage1_prepare (NMModem *modem, NMActRequest *req, GPtrArray **out_hints, const char **out_setting_name, NMDeviceStateReason *reason) { NMModemGsm *self = NM_MODEM_GSM (modem); NMModemGsmPrivate *priv = NM_MODEM_GSM_GET_PRIVATE (self); NMConnection *connection; connection = nm_act_request_get_connection (req); g_assert (connection); *out_setting_name = nm_connection_need_secrets (connection, out_hints); if (!*out_setting_name) { gboolean enabled = nm_modem_get_mm_enabled (modem); if (priv->connect_properties) g_hash_table_destroy (priv->connect_properties); priv->connect_properties = create_connect_properties (connection); if (enabled) do_connect (self); else do_enable (self); } else { /* NMModem will handle requesting secrets... */ } return NM_ACT_STAGE_RETURN_POSTPONE; }
static NMActStageReturn real_act_stage1_prepare (NMDevice *device, NMDeviceStateReason *reason) { NMActRequest *req; NMConnection *connection; const char *setting_name; GPtrArray *hints = NULL; const char *hint1 = NULL, *hint2 = NULL; guint32 tries; req = nm_device_get_act_request (device); g_assert (req); connection = nm_act_request_get_connection (req); g_assert (connection); setting_name = nm_connection_need_secrets (connection, &hints); if (!setting_name) { GHashTable *properties; properties = create_connect_properties (connection); dbus_g_proxy_begin_call_with_timeout (nm_modem_get_proxy (NM_MODEM (device), MM_DBUS_INTERFACE_MODEM_SIMPLE), "Connect", stage1_prepare_done, device, NULL, 120000, DBUS_TYPE_G_MAP_OF_VARIANT, properties, G_TYPE_INVALID); return NM_ACT_STAGE_RETURN_POSTPONE; } if (hints) { if (hints->len > 0) hint1 = g_ptr_array_index (hints, 0); if (hints->len > 1) hint2 = g_ptr_array_index (hints, 1); } nm_device_state_changed (device, NM_DEVICE_STATE_NEED_AUTH, NM_DEVICE_STATE_REASON_NONE); tries = GPOINTER_TO_UINT (g_object_get_data (G_OBJECT (connection), GSM_SECRETS_TRIES)); nm_act_request_get_secrets (req, setting_name, tries ? TRUE : FALSE, SECRETS_CALLER_GSM, hint1, hint2); g_object_set_data (G_OBJECT (connection), GSM_SECRETS_TRIES, GUINT_TO_POINTER (++tries)); if (hints) g_ptr_array_free (hints, TRUE); return NM_ACT_STAGE_RETURN_POSTPONE; }
static void impl_ppp_manager_need_secrets (NMPPPManager *manager, DBusGMethodInvocation *context) { NMPPPManagerPrivate *priv = NM_PPP_MANAGER_GET_PRIVATE (manager); NMConnection *connection; const char *setting_name; const char *username = NULL; const char *password = NULL; guint32 tries; GPtrArray *hints = NULL; GError *error = NULL; NMSettingsGetSecretsFlags flags = NM_SETTINGS_GET_SECRETS_FLAG_ALLOW_INTERACTION; connection = nm_act_request_get_connection (priv->act_req); nm_connection_clear_secrets (connection); setting_name = nm_connection_need_secrets (connection, &hints); if (!setting_name) { /* Use existing secrets from the connection */ if (extract_details_from_connection (connection, &username, &password, &error)) { /* Send existing secrets to the PPP plugin */ priv->pending_secrets_context = context; ppp_secrets_cb (priv->act_req, priv->secrets_id, connection, NULL, manager); } else { nm_log_warn (LOGD_PPP, "%s", error->message); dbus_g_method_return_error (priv->pending_secrets_context, error); g_clear_error (&error); } return; } /* Only ask for completely new secrets after retrying them once; some devices * appear to ask a few times when they actually don't even care what you * pass back. */ tries = GPOINTER_TO_UINT (g_object_get_data (G_OBJECT (connection), PPP_MANAGER_SECRET_TRIES)); if (tries > 1) flags |= NM_SETTINGS_GET_SECRETS_FLAG_REQUEST_NEW; priv->secrets_id = nm_act_request_get_secrets (priv->act_req, setting_name, flags, hints ? g_ptr_array_index (hints, 0) : NULL, ppp_secrets_cb, manager); g_object_set_data (G_OBJECT (connection), PPP_MANAGER_SECRET_TRIES, GUINT_TO_POINTER (++tries)); priv->pending_secrets_context = context; if (hints) g_ptr_array_free (hints, TRUE); }
NMActStageReturn nm_modem_act_stage1_prepare (NMModem *self, NMActRequest *req, NMDeviceStateReason *reason) { NMModemPrivate *priv = NM_MODEM_GET_PRIVATE (self); NMActStageReturn ret; GPtrArray *hints = NULL; const char *setting_name = NULL; NMSecretAgentGetSecretsFlags flags = NM_SECRET_AGENT_GET_SECRETS_FLAG_ALLOW_INTERACTION; NMConnection *connection; if (priv->act_request) g_object_unref (priv->act_request); priv->act_request = g_object_ref (req); connection = nm_act_request_get_connection (req); g_assert (connection); setting_name = nm_connection_need_secrets (connection, &hints); if (!setting_name) { /* Ready to connect */ g_assert (!hints); return NM_MODEM_GET_CLASS (self)->act_stage1_prepare (self, connection, reason); } /* Secrets required... */ if (priv->secrets_tries++) flags |= NM_SECRET_AGENT_GET_SECRETS_FLAG_REQUEST_NEW; priv->secrets_id = nm_act_request_get_secrets (req, setting_name, flags, hints ? g_ptr_array_index (hints, 0) : NULL, modem_secrets_cb, self); if (priv->secrets_id) { g_signal_emit (self, signals[AUTH_REQUESTED], 0); ret = NM_ACT_STAGE_RETURN_POSTPONE; } else { *reason = NM_DEVICE_STATE_REASON_NO_SECRETS; ret = NM_ACT_STAGE_RETURN_FAILURE; } if (hints) g_ptr_array_free (hints, TRUE); return ret; }
static void test_need_tls_phase2_secrets_blob (void) { NMConnection *connection; const char *setting_name; GPtrArray *hints = NULL; NMSetting8021x *s_8021x; connection = make_tls_phase2_connection ("need-tls-phase2-secrets-blob-key", NM_SETTING_802_1X_CK_SCHEME_BLOB); ASSERT (connection != NULL, "need-tls-phase2-secrets-blob-key", "error creating test connection"); /* Ensure we don't need any secrets since we just set up the connection */ setting_name = nm_connection_need_secrets (connection, &hints); ASSERT (setting_name == NULL, "need-tls-phase2-secrets-blob-key", "secrets are unexpectedly required"); ASSERT (hints == NULL, "need-tls-phase2-secrets-blob-key", "hints should be NULL since no secrets were required"); /* Connection is good; clear secrets and ensure private key is then required */ nm_connection_clear_secrets (connection); hints = NULL; setting_name = nm_connection_need_secrets (connection, &hints); ASSERT (setting_name != NULL, "need-tls-phase2-secrets-blob-key", "unexpected secrets success"); ASSERT (strcmp (setting_name, NM_SETTING_802_1X_SETTING_NAME) == 0, "need-tls-phase2-secrets-blob-key", "unexpected setting secrets required"); ASSERT (hints != NULL, "need-tls-phase2-secrets-blob-key", "expected returned secrets hints"); ASSERT (find_hints_item (hints, NM_SETTING_802_1X_PHASE2_PRIVATE_KEY), "need-tls-phase2-secrets-blob-key", "expected to require private key, but it wasn't"); g_object_unref (connection); /*** Just clear the private key this time ***/ connection = make_tls_phase2_connection ("need-tls-phase2-secrets-blob-key-password", NM_SETTING_802_1X_CK_SCHEME_BLOB); ASSERT (connection != NULL, "need-tls-phase2-secrets-blob-key-password", "error creating test connection"); s_8021x = (NMSetting8021x *) nm_connection_get_setting (connection, NM_TYPE_SETTING_802_1X); ASSERT (s_8021x != NULL, "need-tls-phase2-secrets-blob-key-password", "error getting test 802.1x setting"); g_object_set (G_OBJECT (s_8021x), NM_SETTING_802_1X_PHASE2_PRIVATE_KEY_PASSWORD, NULL, NULL); /* Blobs are already decrypted and don't need a password */ hints = NULL; setting_name = nm_connection_need_secrets (connection, &hints); ASSERT (setting_name == NULL, "need-tls-phase2-secrets-blob-key-password", "unexpected secrets failure"); ASSERT (hints == NULL, "need-tls-phase2-secrets-blob-key-password", "hints should be NULL since no secrets were required"); g_object_unref (connection); }